GHSA-Q2QC-744P-66R2
Vulnerability from github – Published: 2026-03-29 15:47 – Updated: 2026-03-29 15:47
VLAI
Summary
OpenClaw: `session_status` sessionId resolution bypasses sandboxed session-tree visibility
Details
Summary
session_status sessionId resolution bypasses sandboxed session-tree visibility
Affected Packages / Versions
- Package:
openclaw - Affected versions:
>= 2026.3.11, <= 2026.3.24 - First patched version:
2026.3.25 - Latest published npm version at verification time:
2026.3.24
Details
session_status previously resolved a sessionId to a canonical session key after early visibility checks, letting sandboxed children reach parent or sibling sessions that were blocked by explicit sessionKey. Commit d9810811b6c3c9266d7580f00574e5e02f7663de enforces visibility after sessionId resolution so sandboxed callers cannot escape their session tree.
Verified vulnerable on tag v2026.3.24 and fixed on main by commit d9810811b6c3c9266d7580f00574e5e02f7663de.
Fix Commit(s)
d9810811b6c3c9266d7580f00574e5e02f7663de
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.3.24"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "2026.3.11"
},
{
"fixed": "2026.3.28"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-639",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-29T15:47:50Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "## Summary\n\n`session_status` sessionId resolution bypasses sandboxed session-tree visibility\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Affected versions: `\u003e= 2026.3.11, \u003c= 2026.3.24`\n- First patched version: `2026.3.25`\n- Latest published npm version at verification time: `2026.3.24`\n\n## Details\n\n`session_status` previously resolved a `sessionId` to a canonical session key after early visibility checks, letting sandboxed children reach parent or sibling sessions that were blocked by explicit `sessionKey`. Commit `d9810811b6c3c9266d7580f00574e5e02f7663de` enforces visibility after `sessionId` resolution so sandboxed callers cannot escape their session tree.\n\nVerified vulnerable on tag `v2026.3.24` and fixed on `main` by commit `d9810811b6c3c9266d7580f00574e5e02f7663de`.\n\n## Fix Commit(s)\n\n- `d9810811b6c3c9266d7580f00574e5e02f7663de`",
"id": "GHSA-q2qc-744p-66r2",
"modified": "2026-03-29T15:47:50Z",
"published": "2026-03-29T15:47:50Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-q2qc-744p-66r2"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/d9810811b6c3c9266d7580f00574e5e02f7663de"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "OpenClaw: `session_status` sessionId resolution bypasses sandboxed session-tree visibility"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…