OpenClaw: LLM Agent Can Disable Exec Approval without User Consent

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.2

OpenClaw: LLM Agent Can Disable Exec Approval without User Consent

GHSA-v3qc-wrwx-j3pw

Summary

A security issue was found in OpenClaw, a library used by developers. A malicious agent could bypass the need for user approval to execute certain actions, potentially leading to unauthorized changes. Developers using OpenClaw versions prior to 2026.3.28 should update to the latest version to fix this issue.

What to do

Update openclaw to version 2026.3.28.

Affected software

Vendor	Product	Affected versions	Fix available
–	openclaw	<= 2026.3.24	2026.3.28

Original title

OpenClaw: Agentic Consent Bypass — LLM Agent Can Silently Disable Exec Approval via `config.patch`

Original description

## Summary
Agentic Consent Bypass: LLM Agent Can Silently Disable Exec Approval via `config.patch`

## Current Maintainer Triage
- Status: open
- Normalized severity: high
- Assessment: Maintainers accepted this issue, fixed it in 76411b2afc4ae721e36c12e0ea24fd23e2fed61e on 2026-03-27, and that fix shipped in v2026.3.28, so normalize it as a fixed released draft rather than a close-by-trust-model call.

## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.24`
- Patched versions: `>= 2026.3.28`
- First stable tag containing the fix: `v2026.3.28`

## Fix Commit(s)
- `76411b2afc4ae721e36c12e0ea24fd23e2fed61e` — 2026-03-27T09:42:15Z

OpenClaw thanks @YLChen-007 for reporting.

ghsa CVSS4.0 8.2

Vulnerability type

CWE-285 Improper Authorization

Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026