This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: OpenClaw fails to sanitize external hook metadata. π **Consequences**: Untrusted input is treated as trusted system events.β¦
π‘οΈ **Root Cause**: **CWE-345** (Insufficient Verification of Data Authenticity). The flaw lies in the input validation logic for **Agent Hook Events**.β¦
π₯ **Affected**: **OpenClaw** versions **< 2026.4.10**. Any installation running these older versions is vulnerable. The specific component is the **Agent Hook Event** handler.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: Can elevate untrusted input to a **higher-trust agent context**. This allows for **High Confidentiality** and **High Integrity** impact.β¦
π **Public Exploit**: **No**. The `pocs` array is empty. While references exist (GitHub Advisory, Patch Commit), there is no public Proof-of-Concept (PoC) or wild exploitation code available yet.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Check your OpenClaw version. If it is **older than 2026.4.10**, you are vulnerable. Look for custom or external hook integrations that accept user-defined names or metadata.β¦
β **Official Fix**: **Yes**. The vulnerability is fixed in version **2026.4.10** and later. A patch commit is available: `e3a845bde5b54f4f1e742d0a51ba9860f9619b29`. Update immediately.
Q9What if no patch? (Workaround)
π§ **Workaround**: If you cannot patch immediately, **disable external hook inputs** or restrict hook names to a strict allowlist. Ensure no user-controlled data is passed directly into the hook metadata queue.β¦
π₯ **Urgency**: **HIGH**. With **CVSS High** severity and **No Auth Required**, this is a critical risk. Prioritize updating to **v2026.4.10+** immediately to prevent potential agent hijacking and data compromise.