Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2026/03/26 3:6 p.m.4 views

CVE-2026-4039

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

8.8CVSS6.2AI score0.00316EPSS
Exploits0References1
euvd
euvd
added 2026/03/12 12:30 p.m.4 views

EUVD-2026-11563

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

6.5CVSS5.7AI score0.00316EPSS
Exploits0References8
osv
osv
added 2026/03/12 12:30 p.m.3 views

GHSA-WGX8-R9VW-2W4H Duplicate Advisory: OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-82g8-464f-2mv7. This link is maintained to preserve external references. Original Description A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function...

6.3CVSS5.6AI score0.00316EPSS
Exploits0References8
github
github
added 2026/03/12 12:30 p.m.9 views

Duplicate Advisory: OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-82g8-464f-2mv7. This link is maintained to preserve external references. Original Description A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function...

8.8CVSS5.6AI score0.00316EPSS
Exploits0References9Affected Software1
nvd
nvd
added 2026/03/12 12:15 p.m.6 views

CVE-2026-4039

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

8.8CVSS0.00316EPSS
Exploits0References7
osv
osv
added 2026/03/12 12:2 p.m.4 views

CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

5.3CVSS6.4AI score0.00316EPSS
Exploits0References9
attackerkb
attackerkb
added 2026/03/12 12:2 p.m.11 views

CVE-2026-4039

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

6.5CVSS5.7AI score0.00316EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2026/03/12 12:2 p.m.2 views

CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

6.5CVSS5.7AI score0.00316EPSS
Exploits0References7
cve
cve
added 2026/03/12 12:2 p.m.21 views

CVE-2026-4039

Summary: CVE-2026-4039 affects OpenClaw 2026.2.19-2, specifically the Skill Env Handler’s function applySkillConfigenvOverrides, allowing remote code injection via manipulated environment configuration. A fix is published and the advisory notes upgrading to 2026.2.21-beta.1 (patch 8c9f35cdb51692b...

8.8CVSS5.7AI score0.00316EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder