ACP permission resolution trusted conflicting tool identity hints from rawInput and metadata, which could suppress dangerous-tool prompting.
openclaw (npm)v2026.3.23-2 (630f1479c44f78484dfa21bb407cbe6f171dac87)2026.3.23-2e4c61723cd2d530680cc61789311d464ab8cdf60The fix shipped in v2026.3.22 and remains present in v2026.3.23 and v2026.3.23-2.
OpenClaw thanks @zpbrent for reporting.
| Score | Percentile |
|---|---|
| 0.04% | 12.08% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 5.7 | 3.1 | — |
|
| 6.9 | 4.0 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-74wf-h43j-vvmj ↗ |
| CVE | CVE-2026-35655 ↗ |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| npm | openclaw | < 2026.3.22 | 2026.3.22 | — |