GHSA-5V57-8RXJ-3P2R python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection

Summary prepareenvironment in clicommunicationprotocol.py passes a full copy of os.environ to every CLI subprocess. When combined with the Command Injection vulnerability CWE-78 in substituteutcpargs tracked as GHSA-33p6-5jxp-p3x4, an attacker can exfiltrate all process-level secrets in a single...

python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection

Summary prepareenvironment in clicommunicationprotocol.py passes a full copy of os.environ to every CLI subprocess. When combined with the Command Injection vulnerability CWE-78 in substituteutcpargs tracked as GHSA-33p6-5jxp-p3x4, an attacker can exfiltrate all process-level secrets in a single...

CVE-2026-41387

OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...

CVE-2026-41373

OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGOBUILDRUSTC, and CMAKECCOMPILER via environment overrides. Attackers with approved host-exec requests c...

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

CVE-2026-41387

OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...

EUVD-2026-26096

OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...

CVE-2026-41387

OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...

EUVD-2026-26082

OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGOBUILDRUSTC, and CMAKECCOMPILER via environment overrides. Attackers with approved host-exec requests c...

CVE-2026-41373

OpenClaw vulnerable before 2026.3.31 due to an incomplete host-env-security-policy.json that does not restrict compiler environment variables. This allows untrusted models to substitute compiler binaries (CC, CXX, CARGO_BUILD_RUSTC, CMAKE_C_COMPILER) via environment overrides when an approved hos...

EUVD-2026-26079

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

Duplicate Advisory: OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-cg7q-fg22-4g98. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains insufficient environment variable sanitization in host exec operations, failing to...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from incomplete host environment variable cleanup mechanisms in the host-env-security-policy.json and...

NVIDIA NeMoClaw 安全漏洞

NVIDIA NeMoClaw is a large-scale behavior constraint and security control framework developed by NVIDIA Corporation in the United States. NVIDIA NeMoClaw has a security vulnerability. This vulnerability stems from issues with the sandbox environment initialization components. It may allow remote...

Duplicate Advisory: OpenClaw host-env blocklist missing `GIT_TEMPLATE_DIR` and `AWS_CONFIG_FILE` allows code execution via env override

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6p8r-6m93-557f. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GITTEMPLATEDIR and...

GHSA-PJ2R-F9MW-VRCQ PraisonAI Vulnerable to Sensitive Environment Variable Exposure via Untrusted MCP Subprocess Execution

PraisonAI’s MCP Model Context Protocol integration allows spawning background servers via stdio using user-supplied command strings e.g., MCP"npx -y @smithery/cli ...". These commands are executed through Python’s subprocess module. By default, the implementation forwards the entire parent proces...

CVE-2026-40159

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI’s MCP Model Context Protocol integration allows spawning background servers via stdio using user-supplied command strings e.g., MCP"npx -y @smithery/cli ...". These commands are executed through Python’s subprocess module. By...

CVE-2026-40159 PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI’s MCP Model Context Protocol integration allows spawning background servers via stdio using user-supplied command strings e.g., MCP"npx -y @smithery/cli ...". These commands are executed through Python’s subprocess module. By...

GHSA-CG7Q-FG22-4G98 OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

Summary Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables Current Maintainer Triage - Normalized severity: medium - Assessment: v2026.3.28 also misses the broader package, registry, compiler, Docker, and TLS env family in the shipped host-en...

OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

Summary Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables Current Maintainer Triage - Normalized severity: medium - Assessment: v2026.3.28 also misses the broader package, registry, compiler, Docker, and TLS env family in the shipped host-en...