SCA: security update for openclaw (GHSA-g6q9-8fvw-f7rf)

high Tenable Self-Hosted Container Security Plugin ID 437912

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Gateway tool accepted a
tool-supplied `gatewayUrl` without sufficient restrictions, which could cause the OpenClaw host to attempt
outbound WebSocket connections to user-specified targets. This requires the ability to invoke tools that
accept `gatewayUrl` overrides (directly or indirectly). In typical setups this is limited to authenticated
operators, trusted automation, or environments where tool calls are exposed to non-operators. In other
words, this is not a drive-by issue for arbitrary internet users unless a deployment explicitly allows
untrusted users to trigger these tool calls. Some tool call paths allowed `gatewayUrl` overrides to flow
into the Gateway WebSocket client without validation or allowlisting. This meant the host could be
instructed to attempt connections to non-gateway endpoints (for example, localhost services, private
network addresses, or cloud metadata IPs). In the common case, this results in an outbound connection
attempt from the OpenClaw host (and corresponding errors/timeouts). In environments where the tool caller
can observe the results, this can also be used for limited network reachability probing. If the target
speaks WebSocket and is reachable, further interaction may be possible. Starting in version 2026.2.14,
tool-supplied `gatewayUrl` overrides are restricted to loopback (on the configured gateway port) or the
configured `gateway.remote.url`. Disallowed protocols, credentials, query/hash, and non-root paths are
rejected. (CVE-2026-26322)

See Also

https://github.com/advisories/GHSA-g6q9-8fvw-f7rf

Plugin Details

Severity: High

ID: 437912

Version: Revision 1.4

Type: Local

Family: SCA Checks

Published: 2/20/2026

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3.9

Percentile: 52.77

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:P

CVSS Score Source: CVE-2026-26322

CVSS v3

Risk Factor: High

Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 2/17/2026

Vulnerability Publication Date: 2/17/2026

Reference Information

CVE: CVE-2026-26322

cwe: CWE-918