CVE-2026-24763 Authenticated Command Injection in OpenClaw Docker Execution via PATH Environment Variable

OpenClaw formerly Clawdbot is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment variable when constructing shell commands. An...