What is GHSA-57r2-h2wj-g887?

GHSA-57r2-h2wj-g887 is a security advisory published by GitHub Security Advisories with Low severity. OpenClaw: Isolated cron awareness events were recorded as trusted system events

Which CVE IDs does GHSA-57r2-h2wj-g887 cover?

GHSA-57r2-h2wj-g887 covers the following CVE IDs: CVE-2026-44999. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

Which products are affected by GHSA-57r2-h2wj-g887?

GHSA-57r2-h2wj-g887 affects 1 product, including: npm/openclaw:\u003c 2026.4.20.

GHSA-57r2-h2wj-g887Low

OpenClaw: Isolated cron awareness events were recorded as trusted system events

Vendor

GitHub Security Advisories

Published

April 25, 2026

Last Modified

May 19, 2026

🔗 CVE IDs covered (1)

CVE-2026-44999 →

📋 Description

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact Output from webhook-triggered isolated cron agent runs could be queued into the main session awareness stream without `trusted: false`. That made the event render as a trusted `System:` event instead of an untrusted system event. This is a trust-labeling issue that can strengthen prompt-injection impact, but it does not directly bypass gateway auth, tool policy, or sandboxing. Severity is low. ## Fix OpenClaw now preserves untrusted labels for isolated cron awareness events and forwards the trust flag through cron delivery helpers. Fix commit: - `f61896b03cc7031f51106a04566831f4ac2a0bd7` ## Release Fixed in OpenClaw `2026.4.20`.

🎯 Affected products1

npm/openclaw:< 2026.4.20

🔗 CVE IDs covered (1)

📋 Description

🎯 Affected products1

🔗 References (5)