GHSA-hfpr-jhpq-x4rm: OpenClaw: `operator.write` chat.send could reach admin-only config writes
A gateway client authenticated with `operator.write` could route `/config set` or `/config unset` through `chat.send` and reach persistent config mutation, even though the direct config RPC methods are admin-scoped.
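The pattern described above, as an added example that is not OpenClaw's code: a hypothetical gateway that checks scope only at RPC dispatch, next to a variant that checks the caller's scopes at the config-mutation sink. The `operator.admin` scope name, the `config.set` method name, the `example.flag` key and all function names are assumptions.

```javascript
// Hypothetical model of a gateway; names other than the scope, method and
// commands quoted in the advisory are assumptions made for illustration.
const ADMIN = "operator.admin"; // assumed name for the admin scope
const WRITE = "operator.write";

function makeGateway({ enforceAtSink }) {
  const config = new Map();

  // Single mutation sink. The hardened variant authorizes here, so every
  // path that reaches it is checked against the caller's own scopes.
  function mutateConfig(caller, op, key, value) {
    if (enforceAtSink && !caller.scopes.includes(ADMIN)) {
      return { ok: false, error: "forbidden: admin scope required" };
    }
    if (op === "set") config.set(key, value);
    else config.delete(key);
    return { ok: true };
  }

  // Slash-command parsing applied to chat text; plain text is just delivered.
  function runChatCommand(caller, text) {
    const m = /^\/config\s+(set|unset)\s+(\S+)(?:\s+(.*))?$/.exec(text.trim());
    if (!m) return { ok: true, delivered: text };
    return mutateConfig(caller, m[1], m[2], m[3]);
  }

  const methods = {
    "config.set": { scope: ADMIN, run: (c, p) => mutateConfig(c, "set", p.key, p.value) },
    "chat.send": { scope: WRITE, run: (c, p) => runChatCommand(c, p.text) },
  };

  // Dispatch-level check: only compares the caller to the method's own scope.
  function call(caller, method, params) {
    const m = methods[method];
    if (!m) return { ok: false, error: "unknown method" };
    const allowed = caller.scopes.includes(m.scope) || caller.scopes.includes(ADMIN);
    if (!allowed) return { ok: false, error: "forbidden: missing " + m.scope };
    return m.run(caller, params);
  }
  return { call, config };
}

// Constructed caller holding only operator.write tries both paths.
function demo(enforceAtSink) {
  const gw = makeGateway({ enforceAtSink });
  const writer = { scopes: [WRITE] };
  const direct = gw.call(writer, "config.set", { key: "example.flag", value: "on" });
  const viaChat = gw.call(writer, "chat.send", { text: "/config set example.flag on" });
  return { direct: direct.ok, viaChat: viaChat.ok, stored: gw.config.has("example.flag") };
}
```

With `enforceAtSink: false` the direct call is refused but the chat path stores the key; with `enforceAtSink: true` both are refused for the write-only caller.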