PT-2026-25434 · Npm · Openclaw
Published
2026-03-03
·
Updated
2026-03-03
CVSS v4.0
2.0
Low
| Vector | AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
Summary
OpenClaw accepted prototype-reserved keys in runtime
/debug set override object values (proto, constructor, prototype).Impact
/debug is disabled by default, and exploitation requires an already authorized /debug set caller. No unauthenticated vector was identified.This issue affects runtime in-memory overrides only (non-persistent and cleared on restart/reset). Given the required prior authorization boundary, this is treated as defense-in-depth hardening for command flag evaluation.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published vulnerable version confirmed:
2026.2.19-2 - Vulnerable range:
<= 2026.2.19-2 - Patched in planned next release:
2026.2.21
Technical Details
- Runtime override merges now block reserved prototype keys during deep merge.
- Runtime override writes now sanitize nested object values to remove reserved prototype keys before storing overrides.
- Restricted command gates (
bash,config,debug) now require own-property boolean flags, preventing inherited prototype values from enabling commands.
Fix Commit(s)
fbb79d4013000552d6a2c23b9613d8b3cb92f6b6
Release Process Note
patched versions is pre-set to 2026.2.21 so after the npm release is live, this advisory can be published immediately.OpenClaw thanks @tdjackey for reporting.
Fix
Prototype Pollution
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openclaw