GHSA-8MR2-F9WF-HCFQ Duplicate Advisory: OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-v6x2-2qvm-6gv8. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscati...