2 matches found
EUVD-2026-45092
OpenClaw versions before 2026.6.6 contain an environment variable filtering vulnerability in host exec that fails to properly sanitize rustup startup variables. Attackers with lower-trust caller access or configured input paths can execute or persist actions beyond their intended authorization...
CVE-2026-62203
OpenClaw vulnerable before version 2026.6.6 due to an environment variable filtering issue in host exec that fails to sanitize rustup startup variables. Affected product: OpenClaw. Root cause: improper sanitization of environment variables during rustup startup. Impact: attackers with lower-trust...