OpenClaw up to 2026.2.14 /git-hooks/pre-commit command injection 🚫 [False Positive]

Noticeinfo

⚠️ This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

Productinfo

Type

• Artificial Intelligence Software

Name

• OpenClaw

Version

• 2026.2.0
• 2026.2.1
• 2026.2.2
• 2026.2.3
• 2026.2.4
• 2026.2.5
• 2026.2.6
• 2026.2.7
• 2026.2.8
• 2026.2.9
• 2026.2.10
• 2026.2.11
• 2026.2.12
• 2026.2.13
• 2026.2.14

License

• open-source

Website

• Product: https://github.com/openclaw/openclaw/

Timelineinfo

02/27/2026 CVE reserved
03/06/2026 +7 days Advisory disclosed
03/06/2026 +0 days VulDB entry created
03/08/2026 +2 days VulDB entry last update

Sourcesinfo

Product: github.com

Advisory: GHSA-mmpf-jwf4-h3qv
False Positive: Yes

CVE: CVE-2026-28484 (🔒)
GCVE (CVE): GCVE-0-2026-28484
GCVE (VulDB): GCVE-100-349386

Entryinfo

Created: 03/06/2026 07:47
Updated: 03/08/2026 08:08
Changes: 03/06/2026 07:47 (78), 03/08/2026 08:08 (3)
Complete: 🔍
Cache ID: 216::103

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion

Want to know what is going to be exploited?

We predict KEV entries!