diff --git a/advisories/github-reviewed/2026/03/GHSA-g353-mgv3-8pcj/GHSA-g353-mgv3-8pcj.json b/advisories/github-reviewed/2026/03/GHSA-g353-mgv3-8pcj/GHSA-g353-mgv3-8pcj.json index 78161cce76b83..9247ce4792d22 100644 --- a/advisories/github-reviewed/2026/03/GHSA-g353-mgv3-8pcj/GHSA-g353-mgv3-8pcj.json +++ b/advisories/github-reviewed/2026/03/GHSA-g353-mgv3-8pcj/GHSA-g353-mgv3-8pcj.json 
@@ -1,11 +1,11 @@ { "schema_version": "1.4.0", "id": "GHSA-g353-mgv3-8pcj", - "modified": "2026-03-13T20:55:34Z", + "modified": "2026-03-13T20:55:35Z", "published": "2026-03-13T20:55:34Z", "aliases": [], "summary": "OpenClaw: Feishu webhook mode accepted forged events when only `verificationToken` was configured", - "details": "### Summary\n\nFeishu webhook mode allowed deployments that configured only `verificationToken` without `encryptKey`. In that state, forged inbound events could be accepted because the weaker configuration did not provide the required cryptographic verification boundary.\n\n### Impact\n\nAn unauthenticated network attacker who could reach the webhook endpoint could inject forged Feishu events, impersonate senders, and potentially trigger downstream tool execution subject to the local agent policy.\n\n### Affected versions\n\n`openclaw` `<= 2026.3.11`\n\n### Patch\n\nFixed in `openclaw` `2026.3.12`. Feishu webhook mode now fails closed unless `encryptKey` is configured, and the webhook transport rejects missing or invalid signatures before dispatch. Update to `2026.3.12` or later and configure `encryptKey` for webhook deployments.", + "details": "### Summary\n\nFeishu webhook mode allowed deployments that configured only `verificationToken` without `encryptKey`. In that state, forged inbound events could be accepted because the weaker configuration did not provide the required cryptographic verification boundary.\n\n### Impact\n\nAn unauthenticated network attacker who could reach the webhook endpoint could inject forged Feishu events, impersonate senders, and potentially trigger downstream tool execution subject to the local agent policy.\n\n### Affected versions\n\n`openclaw` `<= 2026.3.11`\n\n### Patch\n\nFixed in `openclaw` `2026.3.12`. Feishu webhook mode now fails closed unless `encryptKey` is configured, and the webhook transport rejects missing or invalid signatures before dispatch. 
Update to `2026.3.12` or later and configure `encryptKey` for webhook deployments.\n\n🚀 طريقة الاستخدام:\n# 1. إنشاء الملف\nnano security-fix.sh\n# [الصق المحتوى من الـ Artifact]\n\n# 2. إعطاء صلاحيات التنفيذ\nchmod +x security-fix.sh\n\n# 3. التشغيل\n./security-fix.sh", "severity": [ { "type": "CVSS_V3",
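Review bot: the block appended to the end of the `details` string (everything after "configure `encryptKey` for webhook deployments.", starting with the rocket emoji) does not belong in this advisory and should be dropped. In translation it reads "How to use: 1. create the file `nano security-fix.sh` [paste the content from the Artifact] 2. grant execute permission `chmod +x security-fix.sh` 3. run `./security-fix.sh`"; it references a `security-fix.sh` script and an "Artifact" that exist nowhere in this record or in the upstream advisory, so it looks like pasted assistant output rather than advisory content. Publishing it in a GitHub-reviewed advisory would invite downstream consumers to download and execute an unspecified script on the strength of the advisory database, which is exactly the kind of instruction an advisory must never carry. Suggest keeping `details` unchanged so it still ends at "Update to `2026.3.12` or later and configure `encryptKey` for webhook deployments."; once that block is removed, the only remaining change in the hunk is the one-second bump of `modified` from `2026-03-13T20:55:34Z` to `2026-03-13T20:55:35Z`, which then has no reason to be in the PR either.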