From 6d429d4bf2c0fb0e7041361a7315e9f8b60d823b Mon Sep 17 00:00:00 2001
From: Luka <15184862+anlakii@users.noreply.github.com>
Date: Tue, 21 Apr 2026 01:44:54 +0200
Subject: [PATCH] Improve GHSA-4hmj-39m8-jwc7
---
 .../2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json b/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json
index 611f342cdffc0..9c435b13fd2d1 100644
--- a/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json
+++ b/advisories/github-reviewed/2026/03/GHSA-4hmj-39m8-jwc7/GHSA-4hmj-39m8-jwc7.json
@@ -1,7 +1,7 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-4hmj-39m8-jwc7",
- "modified": "2026-04-10T19:44:42Z",
+ "modified": "2026-04-10T19:44:43Z",
 "published": "2026-03-29T15:50:41Z",
 "aliases": [
 "CVE-2026-35651"
@@ -9,13 +9,9 @@
 "summary": "OpenClaw has ACP CLI approval prompt ANSI escape sequence injection",
 "details": "## Summary\n\nACP CLI approval prompt ANSI escape sequence injection\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Affected versions: `>= 2026.2.13, <= 2026.3.24`\n- First patched version: `2026.3.25`\n- Latest published npm version at verification time: `2026.3.24`\n\n## Details\n\nACP tool titles could previously carry ANSI control sequences into approval prompts and permission logs, letting untrusted tool metadata spoof terminal output. Commit `464e2c10a5edceb380d815adb6ff56e1a4c50f60` sanitizes tool titles at the source and broadens ANSI stripping to full CSI sequences.\n\nVerified vulnerable on tag `v2026.3.24` and fixed on `main` by commit `464e2c10a5edceb380d815adb6ff56e1a4c50f60`.\n\n## Fix Commit(s)\n\n- `464e2c10a5edceb380d815adb6ff56e1a4c50f60`",
 "severity": [
- {
- "type": "CVSS_V3",
- "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
- },
 {
 "type": "CVSS_V4",
- "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/"
+ "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
 }
 ],
 "affected": [
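Review bot: Removing the whole CVSS_V3 object leaves `severity` with a single CVSS_V4 entry, so downstream consumers that still select on `"type": "CVSS_V3"` will treat this advisory as unscored, and the commit title ("Improve GHSA-4hmj-39m8-jwc7") does not say whether that loss is intended. If the v3 vector was dropped because it was never assigned by the reporting source, rather than as a side effect of fixing the v4 string, a commit-body line such as `Drop CVSS v3 vector: not assigned by source; keep CVSS v4 only` would prevent a later contributor from re-adding it. The corrected v4 vector now ends in `SA:N` with no trailing separator, which is the form the CVSS 4.0 vector-string grammar expects, so nothing further is needed on that line.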