7736 matches found
OpenClaw's config env vars allowed startup env injection into service runtime
Summary OpenClaw allowed dangerous process-control environment variables from env.vars for example NODEOPTIONS, LD, DYLD to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context. Details collectConfigEnvVars accepted unfiltered keys...
GHSA-8FMP-37RC-P5G7 OpenClaw's config env vars allowed startup env injection into service runtime
Summary OpenClaw allowed dangerous process-control environment variables from env.vars for example NODEOPTIONS, LD, DYLD to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context. Details collectConfigEnvVars accepted unfiltered keys...
GHSA-43X4-G22P-3HRQ OpenClaw: Chrome --no-sandbox disabled OS-level browser sandbox in sandbox browser container
Summary Sandbox browser container launched Chromium with --no-sandbox by default, disabling Chromium's OS-level sandbox protections. Affected Packages / Versions - Package: openclaw npm ecosystem - Latest published npm version at triage time 2026-02-21: 2026.2.19-2 - Affected range: = 2026.2.19-2...
OpenClaw: Chrome --no-sandbox disabled OS-level browser sandbox in sandbox browser container
Summary Sandbox browser container launched Chromium with --no-sandbox by default, disabling Chromium's OS-level sandbox protections. Affected Packages / Versions - Package: openclaw npm ecosystem - Latest published npm version at triage time 2026-02-21: 2026.2.19-2 - Affected range: = 2026.2.19-2...
OPENSUSE-SU-2026:20318-1 Security update for gitea-tea
This update for gitea-tea fixes the following issues: Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea api subcommand for arbitrary API calls not covered by existing commands in 879 - Add repository...
Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the system.run shell-wrapper. An attacker can execute arbitrary shell commands outside the intended allowlisted command body by injecting SHELLOPTS and PS4 environme...
PT-2026-26008
Summary OpenClaw allowed dangerous process-control environment variables from env.vars for example NODE OPTIONS, LD , DYLD to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context. Details collectConfigEnvVars accepted unfiltered keys...
PT-2026-24673
Summary A command injection vulnerability exists in OpenClaw’s Linux systemd unit generation path. When rendering Environment= entries, attacker-controlled values are not rejected for CR/LF, and systemdEscapeArg uses an incorrect whitespace-matching regex. This allows newline injection to break o...
PT-2026-26221
Summary A command injection vulnerability existed in Windows Scheduled Task script generation for OpenClaw. Environment values were written into gateway.cmd using unquoted set KEY=VALUE, which allowed Windows shell metacharacters in config-provided environment variables to break out of assignment...
Malicious code in amigapythonupdater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46cf32631436ddacf36a4984b254c10554b4e94c6099c5012a96ec3a7c5426a1 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1136 Malicious code in amigapythonupdater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46cf32631436ddacf36a4984b254c10554b4e94c6099c5012a96ec3a7c5426a1 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in wisecloudcyberark (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0e320bedb4902833dec6f929dff31967c3d37ce699cb0ed5bc586f36f36b25e During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1142 Malicious code in wisecloudcyberark (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0e320bedb4902833dec6f929dff31967c3d37ce699cb0ed5bc586f36f36b25e During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in heimdal-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44b549b64558430b61d35bb2eb2cfcf8ec15d75bacb38af8f34deafe5d6add2c During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1140 Malicious code in heimdal-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44b549b64558430b61d35bb2eb2cfcf8ec15d75bacb38af8f34deafe5d6add2c During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1143 Malicious code in wisecloudsecrets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ed4357b3e8038ef404e043cc63aafe6484b20d94267c4f024a27d840a4a2fc During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in wisecloudsecrets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ed4357b3e8038ef404e043cc63aafe6484b20d94267c4f024a27d840a4a2fc During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in fwk-amigapython (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b565888509e90341d144143aa8e323b0e295d74f3857af52d94930d9d03a30f During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1137 Malicious code in fwk-amigapython (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b565888509e90341d144143aa8e323b0e295d74f3857af52d94930d9d03a30f During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
Malicious code in fwk-amigapython-amigamlserver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d6f09429b123469b1fc83ceb4af35c595ff4b6e2631552fc857922ca921c4c5 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...