Duplicate Advisory: OpenClaw: Workspace dotenv files cannot override connector endpoint hosts

GHSA-5jgm-f9wr-9qm7

Published May 11, 2026 · Modified May 18, 2026

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-55cf-xx38-4p9p. This link is maintained to preserve external references.

Original Description

OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files.

References

WEB https://github.com/openclaw/openclaw/security/advisories/GHSA-55cf-xx38-4p9p
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-45003
WEB https://github.com/openclaw/openclaw/commit/0623079e98abf7202591f1b04a89755eb7ec9272
PACKAGE https://github.com/openclaw/openclaw
WEB https://www.vulncheck.com/advisories/openclaw-connector-endpoint-host-override-via-workspace-dotenv-files

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes