GHSA-V6C6-VQQG-W888

Vulnerability from github – Published: 2026-02-18 00:57 – Updated: 2026-02-18 00:57
VLAI?
Summary
OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway
Details

Summary

OpenClaw Gateway supports hook mappings with optional JavaScript/TypeScript transform modules. In affected versions, the gateway did not sufficiently constrain configured module paths before passing them to dynamic import(). Under some configurations, a user who can modify gateway configuration could cause the gateway process to load and execute an unintended local module.

Impact

Potential code execution in the OpenClaw gateway Node.js process.

This requires access that can modify gateway configuration (for example via the gateway config endpoints). Treat such access as high privilege.

Affected Packages / Versions

  • npm package: openclaw
  • Affected: >= 2026.1.5 and <= 2026.2.13

Patched Versions

  • >= 2026.2.14

Fix Commit(s)

  • a0361b8ba959e8506dc79d638b6e6a00d12887e4 (restrict hook transform module loading)
  • 35c0e66ed057f1a9f7ad2515fdcef516bd6584ce (harden hooks module loading)

Mitigation

  • Upgrade to 2026.2.14 or newer.
  • Avoid exposing gateway configuration endpoints to untrusted networks.
  • Review config for unsafe values:
  • hooks.mappings[].transform.module
  • hooks.internal.handlers[].module

Thanks @222n5 for reporting.

Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2026.1.5"
            },
            {
              "fixed": "2026.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T00:57:48Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "## Summary\n\nOpenClaw Gateway supports hook mappings with optional JavaScript/TypeScript transform modules. In affected versions, the gateway did not sufficiently constrain configured module paths before passing them to dynamic `import()`. Under some configurations, a user who can modify gateway configuration could cause the gateway process to load and execute an unintended local module.\n\n## Impact\n\nPotential code execution in the OpenClaw gateway Node.js process.\n\nThis requires access that can modify gateway configuration (for example via the gateway config endpoints). Treat such access as high privilege.\n\n## Affected Packages / Versions\n\n- npm package: `openclaw`\n- Affected: `\u003e= 2026.1.5` and `\u003c= 2026.2.13`\n\n## Patched Versions\n\n- `\u003e= 2026.2.14`\n\n## Fix Commit(s)\n\n- `a0361b8ba959e8506dc79d638b6e6a00d12887e4` (restrict hook transform module loading)\n- `35c0e66ed057f1a9f7ad2515fdcef516bd6584ce` (harden hooks module loading)\n\n## Mitigation\n\n- Upgrade to `2026.2.14` or newer.\n- Avoid exposing gateway configuration endpoints to untrusted networks.\n- Review config for unsafe values:\n  - `hooks.mappings[].transform.module`\n  - `hooks.internal.handlers[].module`\n\nThanks @222n5 for reporting.",
  "id": "GHSA-v6c6-vqqg-w888",
  "modified": "2026-02-18T00:57:48Z",
  "published": "2026-02-18T00:57:48Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-v6c6-vqqg-w888"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/35c0e66ed057f1a9f7ad2515fdcef516bd6584ce"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/a0361b8ba959e8506dc79d638b6e6a00d12887e4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.