Publish Advisories

GHSA-5gjc-grvm-m88j
GHSA-j6c7-3h5x-99g9
GHSA-vfp4-8x56-j7c5

Author: advisory-database[bot]

advisories/github-reviewed/2026/04/GHSA-5gjc-grvm-m88j/GHSA-5gjc-grvm-m88j.json

@@ -0,0 +1,64 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5gjc-grvm-m88j",
+  "modified": "2026-04-17T21:53:17Z",
+  "published": "2026-04-17T21:53:17Z",
+  "aliases": [],
+  "summary": "OpenClaw: Memory dreaming config persistence was reachable from operator.write commands",
+  "details": "## Summary\n\nMemory dreaming config persistence was reachable from operator.write commands.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `>= 2026.4.5 < 2026.4.10`\n- Patched versions: `>= 2026.4.10`\n\n## Impact\n\nA write-scoped gateway path could toggle persistent memory dreaming settings through `/dreaming`, crossing into an admin-class configuration mutation.\n\n## Technical Details\n\nThe fix requires admin scope for persistent dreaming gateway toggles.\n\n## Fix\n\nThe issue was fixed in #63872. The first stable tag containing the fix is `v2026.4.10`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `6af17b39e11f5f35e23b7e5a5f71a7d0aa3c7310`\n- PR: #63872\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.10 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @zpbrent and @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "openclaw"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2026.4.5"
+            },
+            {
+              "fixed": "2026.4.10"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-5gjc-grvm-m88j"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/pull/63872"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/6af17b39e11f5f35e23b7e5a5f71a7d0aa3c7310"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/openclaw/openclaw"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-266",
+      "CWE-863"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-17T21:53:17Z",
+    "nvd_published_at": null
+  }
+}

advisories/github-reviewed/2026/04/GHSA-j6c7-3h5x-99g9/GHSA-j6c7-3h5x-99g9.json

@@ -0,0 +1,63 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-j6c7-3h5x-99g9",
+  "modified": "2026-04-17T21:53:36Z",
+  "published": "2026-04-17T21:53:36Z",
+  "aliases": [],
+  "summary": "OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms",
+  "details": "## Summary\n\nShell-wrapper detection missed env-argv assignment injection forms.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `>= 2026.2.22 < 2026.4.12`\n- Patched versions: `>= 2026.4.12`\n\n## Impact\n\nExec preflight handling missed shell-wrapper and argv-level environment assignment forms that could affect execution semantics, including high-risk shell environment controls.\n\n## Technical Details\n\nThe fix broadens shell-wrapper detection and blocks environment assignments in argv forms. High-risk shell variables such as `SHELLOPTS` and `PS4` are covered by the host environment security policy.\n\n## Fix\n\nThe issue was fixed in #65717. The first stable tag containing the fix is `v2026.4.12`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `8f8492d172f4c5b4fd7dd9a47855ed620c8770ab`\n- PR: #65717\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.12 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @decsecre583 for reporting this issue.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "openclaw"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2026.2.22"
+            },
+            {
+              "fixed": "2026.4.12"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/pull/65717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/8f8492d172f4c5b4fd7dd9a47855ed620c8770ab"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/openclaw/openclaw"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-78"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-17T21:53:36Z",
+    "nvd_published_at": null
+  }
+}

advisories/github-reviewed/2026/04/GHSA-vfp4-8x56-j7c5/GHSA-vfp4-8x56-j7c5.json

@@ -0,0 +1,55 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-vfp4-8x56-j7c5",
+  "modified": "2026-04-17T21:54:21Z",
+  "published": "2026-04-17T21:54:20Z",
+  "aliases": [],
+  "summary": "OpenClaw: Exec environment denylist missed high-risk interpreter startup variables",
+  "details": "## Summary\n\nExec environment denylist missed high-risk interpreter startup variables.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.10`\n- Patched versions: `>= 2026.4.10`\n\n## Impact\n\nThe exec environment policy missed interpreter startup variables such as `VIMINIT`, `EXINIT`, `LUA_INIT`, and `HOSTALIASES`, allowing operator-supplied environment overrides to influence downstream execution or network behavior.\n\n## Technical Details\n\nThe fix expands the host environment security policy denylist to cover these and related high-risk environment variables, with regression coverage.\n\n## Fix\n\nThe issue was fixed in #63277. The first stable tag containing the fix is `v2026.4.10`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `2d126fc62343a7b6895351f96e4e1474bc358140`\n- PR: #63277\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.10 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @feiyang666 of Tencent zhuque Lab (https://github.com/Tencent/AI-Infra-Guard) for reporting this issue.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "openclaw"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2026.4.10"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vfp4-8x56-j7c5"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/openclaw/openclaw"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-184"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-17T21:54:20Z",
+    "nvd_published_at": null
+  }
+}