GHSA-4hmj-39m8-jwc7

Source
https://github.com/advisories/GHSA-4hmj-39m8-jwc7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-4hmj-39m8-jwc7
Published
2026-03-29T15:50:41Z
Modified
2026-03-29T16:05:04.347383Z
Summary
OpenClaw has ACP CLI approval prompt ANSI escape sequence injection
Details

Summary

ACP CLI approval prompt ANSI escape sequence injection

Affected Packages / Versions

  • Package: openclaw
  • Affected versions: >= 2026.2.13, <= 2026.3.24
  • First patched version: 2026.3.25
  • Latest published npm version at verification time: 2026.3.24

Details

ACP tool titles could previously carry ANSI control sequences into approval prompts and permission logs, letting untrusted tool metadata spoof terminal output. Commit 464e2c10a5edceb380d815adb6ff56e1a4c50f60 sanitizes tool titles at the source and broadens ANSI stripping to full CSI sequences.

Verified vulnerable on tag v2026.3.24 and fixed on main by commit 464e2c10a5edceb380d815adb6ff56e1a4c50f60.
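As an added illustration of the mitigation described above (example code written for this page, not OpenClaw's own implementation and not the contents of the fix commit): a title sanitizer that strips complete CSI, OSC and other ESC sequences, shown beside the SGR-only stripping that misses erase-line and cursor-movement sequences. The function names and the sample title are constructed for the example.

```javascript
// Added example (not OpenClaw's code): sanitize an untrusted tool title before
// it reaches an approval prompt or a permission log line. Titles are assumed to
// be single-line plain text, so every control byte is dropped.

// Narrow pattern: only SGR colour/style sequences (ESC [ ... m). Stripping just
// these leaves erase-line and cursor-movement sequences in the string.
const SGR_ONLY = /\x1b\[[0-9;]*m/g;

// Broad patterns following the ECMA-48 sequence structure:
//  CSI: ESC [  params 0x30-0x3F  intermediates 0x20-0x2F  final byte 0x40-0x7E
//  OSC: ESC ]  ...  terminated by BEL (0x07) or ST (ESC \)
//  other ESC sequences: ESC  intermediates 0x20-0x2F  final byte 0x30-0x7E
//  leftover C0 controls and DEL (a lone ESC or an unterminated sequence)
const CSI = /\x1b\[[\x30-\x3f]*[\x20-\x2f]*[\x40-\x7e]/g;
const OSC = /\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)/g;
const ESC_OTHER = /\x1b[\x20-\x2f]*[\x30-\x7e]/g;
const C0_AND_DEL = /[\x00-\x1f\x7f]/g;

// The narrow approach, kept only to show what it misses.
function stripSgrOnly(title) {
  return String(title).replace(SGR_ONLY, '');
}

// The hardened approach: remove complete sequences first, then any residue.
function sanitizeTitle(title) {
  return String(title)
    .replace(CSI, '')
    .replace(OSC, '')
    .replace(ESC_OTHER, '')
    .replace(C0_AND_DEL, '');
}

// True when any control byte survives; a cheap final check before display.
function hasControlBytes(s) {
  return /[\x00-\x1f\x7f]/.test(s);
}

// Constructed sample: a benign-looking title carrying erase-line (CSI 2K),
// cursor-to-column-1 (CSI 1G), colour (SGR) and a hyperlink OSC sequence.
const SAMPLE_TITLE =
  'Write notes.txt\x1b[2K\x1b[1G\x1b[32mok\x1b[0m\x1b]8;;http://example.invalid\x07';

console.log(JSON.stringify(stripSgrOnly(SAMPLE_TITLE)));  // ESC bytes remain
console.log(JSON.stringify(sanitizeTitle(SAMPLE_TITLE))); // "Write notes.txtok"
```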

Fix Commit(s)

  • 464e2c10a5edceb380d815adb6ff56e1a4c50f60
Database specific
{
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-116",
        "CWE-150"
    ],
    "nvd_published_at": null,
    "github_reviewed_at": "2026-03-29T15:50:41Z",
    "severity": "MODERATE"
}
References

Affected packages

npm / openclaw

Affected ranges
  Type: SEMVER
  Events:
    Introduced: 2026.2.13
    Fixed: 2026.3.28

Database specific
  last_known_affected_version_range: "<= 2026.3.24"
  source: "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json"