GHSA-QP5J-JR73-M2PW Duplicate Advisory: Workspace .env npm_execpath could influence bundled runtime dependency install
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-24vr-rprv-67rf. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env...