
Apache OpenClaw: Malicious Node Metadata Can Bypass Security Restrictions

GHSA-392f-ggf5-fp3c
Summary

This vulnerability allows a malicious node to bypass security restrictions by supplying Unicode characters that look similar to others (confusables) in its metadata, potentially gaining unauthorized access to commands. This affects Apache OpenClaw versions up to 2026.2.26. To fix this, update to version 2026.3.1 or later.

What to do
  • Update openclaw to version 2026.3.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.3.1 | 2026.3.1 |
Original title
OpenClaw: Unicode canonicalization drift in node metadata policy classification could broaden node allowlists
Original description
### Summary
A paired node could supply Unicode-confusable `platform` or `deviceFamily` metadata that passed metadata pinning but classified differently for command policy resolution, broadening default node command allowlists.

### Impact
This is a policy-bypass issue within the paired-node trust boundary and can expand node command availability beyond intended defaults.

### Fix
Node metadata canonicalization was hardened against confusables, and unknown platform defaults were made conservative (excluding `system.run` and `system.which` unless explicitly allowlisted).
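The drift the advisory describes, as an added illustration that is not OpenClaw's own code: a policy lookup that only lower-cases the raw `platform` string and falls back to a broad default, beside a single canonicalizer that is used for both pinning and policy and gives unknown platforms a conservative default. Platform names, allowlists and helper names are hypothetical.

```typescript
// Added example, not OpenClaw's code: platform names, allowlists and helper
// names are hypothetical stand-ins for the node command policy in the advisory.
type Policy = readonly string[];

// Per-platform defaults: desktop nodes may run local commands, mobile may not.
const PLATFORM_DEFAULTS: Record<string, Policy> = {
  macos: ["system.run", "system.which", "node.status"],
  ios: ["node.status"],
};

// Drifting version: policy resolution only lower-cases the raw string, and an
// unrecognised platform inherits the broad desktop-like default.
const BROAD_UNKNOWN_DEFAULT: Policy = ["system.run", "system.which", "node.status"];
function resolvePolicyDrifting(platform: string): Policy {
  return PLATFORM_DEFAULTS[platform.toLowerCase()] ?? BROAD_UNKNOWN_DEFAULT;
}

// Hardened version: one canonical form is used for pinning and for policy.
// NFKC folds compatibility forms (fullwidth letters, ligatures); anything
// outside ASCII letters and digits after folding is not a platform we know.
function canonicalPlatform(platform: string): string {
  const folded = platform.normalize("NFKC").trim().toLowerCase();
  return /^[a-z0-9]+$/.test(folded) ? folded : "unknown";
}
// Unknown platforms get the conservative default: no system.run / system.which.
const CONSERVATIVE_UNKNOWN_DEFAULT: Policy = ["node.status"];
function resolvePolicyHardened(platform: string): Policy {
  return PLATFORM_DEFAULTS[canonicalPlatform(platform)] ?? CONSERVATIVE_UNKNOWN_DEFAULT;
}
// Pin check over canonical forms, so pinning and policy cannot disagree.
function pinMatches(pinned: string, presented: string): boolean {
  return canonicalPlatform(pinned) === canonicalPlatform(presented);
}

// Constructed probes: "ios" spelled with a fullwidth i (U+FF49) and with a
// Cyrillic i (U+0456); both render like the restricted platform name.
const FULLWIDTH_IOS = "\uFF49os";
const CYRILLIC_IOS = "\u0456os";

function demo(): Record<string, Policy> {
  return {
    driftingFullwidth: resolvePolicyDrifting(FULLWIDTH_IOS), // gains system.run
    hardenedFullwidth: resolvePolicyHardened(FULLWIDTH_IOS), // folds to ios
    driftingCyrillic: resolvePolicyDrifting(CYRILLIC_IOS),   // gains system.run
    hardenedCyrillic: resolvePolicyHardened(CYRILLIC_IOS),   // unknown, conservative
  };
}
```

The point of `canonicalPlatform` is that the same function feeds every decision about the field; a confusable either folds to the real platform name and gets that platform's policy, or stays unknown and gets the narrow default.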

### Affected and Patched Versions
- Affected: `<= 2026.2.26`
- Patched: `2026.3.1`
Source: GHSA · CVSS 4.0: 6.9
Vulnerability type
  • CWE-176: Improper Handling of Unicode Encoding
  • CWE-436: Interpretation Conflict
Published: 2 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026