16 matches found
CVE-2026-53864 OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables
OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or skill environment blocks can pass malicious...
CVE-2026-53864 OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables
OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or skill environment blocks can pass malicious...
PT-2026-49781
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.26 Description Insufficient sanitization in the host environment sanitizer allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or...
EUVD-2026-26096
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...
CVE-2026-41387
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...
CVE-2026-41373 OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy
OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGOBUILDRUSTC, and CMAKECCOMPILER via environment overrides. Attackers with approved host-exec requests c...
PT-2026-35772
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...
OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides
Summary Incomplete host-env-security-policy.json allows untrusted model to substitute compiler binaries CC, CXX, CARGOBUILDRUSTC, CMAKECCOMPILER via env overrides on approved host exec requests Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Shipped v2026.3....
GHSA-G8XP-QX39-9JQ9 OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides
Summary Incomplete host-env-security-policy.json allows untrusted model to substitute compiler binaries CC, CXX, CARGOBUILDRUSTC, CMAKECCOMPILER via env overrides on approved host exec requests Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Shipped v2026.3....
Uncontrolled Search Path Element
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Uncontrolled Search Path Element via environment variable overrides of compiler binaries during approved host execution requests. An attacker can execute arbitrary code by substituting...
OpenClaw's `system.run` env override filtering allowed dangerous helper-command pivots
Summary system.run env override sanitization allowed dangerous override-only helper-command pivots to reach subprocesses. A caller who could invoke system.run with env overrides could bypass allowlist/approval intent by steering an allowlisted tool through helper-command or config-loading...
Authorization Bypass Through User-Controlled Key
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the system.run process. An attacker can bypass intended allowlist or approval mechanisms by supplying crafted environment variable...
GHSA-XGF2-VXV2-RRMG OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)
Summary system.run environment sanitization allowed shell-startup env overrides HOME, ZDOTDIR that can execute attacker-controlled startup files before allowlist-evaluated command bodies. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.22 Technical Details In affected...
GHSA-82G8-464F-2MV7 OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)
Summary applySkillConfigEnvOverrides previously copied skills.entries..env values into the host process.env without applying the host env safety policy. Impact In affected versions, dangerous process-level variables such as NODEOPTIONS could be injected when unset, which can influence...
CLSA-2024-1726841419 bind: Fix of 2 CVEs
CVE-2024-1737-1: introduced new configurable limits that prevent the loading into zones or into cache of DNS resource records RRs that exceed them - CVE-2024-1737-2: add environment variable DNSRDATASETMAXRECORDS, DNSRBTDBMAXRTYPES to override hardcoded limits DDNSRDATASETMAXRECORDS and...
CLSA-2024-1726841080 bind: Fix of 2 CVEs
CVE-2024-1737-1: introduced new configurable limits that prevent the loading into zones or into cache of DNS resource records RRs that exceed them - CVE-2024-1737-2: add environment variable DNSRDATASETMAXRECORDS, DNSRBTDBMAXRTYPES to override hardcoded limits DDNSRDATASETMAXRECORDS and...