{"data":{"id":"205db0ea-8e1e-46a6-8f07-7e7bff722c73","title":"GHSA-v3qc-wrwx-j3pw: OpenClaw: Agentic Consent Bypass — LLM Agent Can Silently Disable Exec Approval via `config.patch`","summary":"OpenClaw, an LLM agent framework, had a vulnerability where an AI agent could bypass approval controls by using a `config.patch` command (a way to modify settings) to silently disable execution approval requirements. This means an agent could potentially perform restricted actions without human permission.","solution":"The vulnerability was fixed in commit 76411b2afc4ae721e36c12e0ea24fd23e2fed61e on 2026-03-27, and the fix was released in version 2026.3.28. Users should update to OpenClaw version 2026.3.28 or later.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-v3qc-wrwx-j3pw","publishedAt":"2026-04-03T03:03:18.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":["openclaw@<= 2026.3.24 (fixed: 2026.3.28)"],"affectedVendors":[],"affectedVendorsRaw":["OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-04-03T03:03:18.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}