GHSA-jfv4-h8mc-jcp8: OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup
Summary
OpenClaw's process cleanup routine could kill unrelated processes on shared hosts. It terminated every process whose command line matched certain patterns without verifying that the process actually belonged to the OpenClaw process, so programs owned by other users on the same machine could be shut down by mistake.
Solution / Mitigation
Update to version 2026.2.14 or later. The fix restricts cleanup to direct child processes (checking `ppid == process.pid` before sending any termination signal). Further hardening: graceful termination first (`SIGTERM`, with `SIGKILL` only as a fallback), a wide-format process listing (`ps -axww`) so long command lines are not truncated before matching, and stricter pattern matching that rejects substring matches.
Original source: https://github.com/advisories/GHSA-jfv4-h8mc-jcp8
First tracked: February 18, 2026 at 03:00 PM
Classified by LLM (prompt v3) · confidence: 95%