2 matches found
OpenClaw < 2026.2.3 Prompt Injection (GHSA-782p-5fr5-7fj8)
The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.2.3. It is, therefore, affected by a prompt injection vulnerability:
- When the Slack integration is enabled, channel metadata topic/description can be incorporated into the model's system prompt, allowing...
Arbitrary Code Injection
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Arbitrary Code Injection via the incorporation of untrusted Slack channel metadata into the system prompt. An attacker can execute unauthorized commands or access sensitive information by...