Threats Tagged 'ghsa-8wg3-5mcm-fjq8'
View all threats tagged with 'ghsa-8wg3-5mcm-fjq8'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ghsa-8wg3-5mcm-fjq8'
Click on any threat for detailed analysis and mitigation recommendations
GHSA-8wg3-5mcm-fjq8: OpenClaw: Workspace .env could override Homebrew executable selection for skill install flowsCVE-2026-53819 0 OpenClaw versions prior to 2026.5.27 contain a vulnerability where a workspace .env file can override the Homebrew executable selection during skill install flows. This could cause an unintended Homebrew-compatible executable to run when the affected feature is enabled and reachable. The vulnerability relies on a trusted operator opening a repository with a crafted .env file. The impact depends on the operator's configuration and whether lower-trust input can reach this execution path. The vulnerability is addressed in version 2026.5.27. Until patched, it is recommended to avoid running skill install flows from untrusted workspaces and to apply general hardening such as restricting channel and tool allowlists and disabling the affected feature when not needed. Join the discussion | GCVE Database | 07/02/2026, 16:57:30 UTC Added: 07/02/2026, 22:57:13 UTC |
Showing 1 to 1 of 1 result