163 matches found
OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)
Impact HGRCPATH, CARGOBUILDRUSTCWRAPPER, RUSTCWRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection GHSA-cm8v-2vh9-cxf3 class. Missing denylist entries allowed hostile build-tool environment variables to influence host exec commands. OpenClaw is a user-controlle...
PT-2026-31782
PraisonAI is a multi-agent teams system. Prior to 4.5.128, deploy.py constructs a single comma-delimited string for the gcloud run deploy --set-env-vars argument by directly interpolating openai model, openai key, and openai base without validating that these values do not contain commas. gcloud...
Untrusted Search Path
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path via the CLI backend runner process. An attacker can inject arbitrary environment variables by providing a malicious workspace configuration, potentially leading to...
OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config
Summary Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real shipped malicious-workspace-config env injection in the CLI backend runner, fixed by sanitizing backend...
GHSA-VFW7-6RHC-6XXG OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config
Summary Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real shipped malicious-workspace-config env injection in the CLI backend runner, fixed by sanitizing backend...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Previous versions of OpenClaw b57b680 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent normalization of environment variables between the approval and execution paths, which could...
CVE-2026-32003
OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the system.run function that allows attackers to bypass command allowlist restrictions via SHELLOPTS and PS4 environment variables. An attacker who can invoke system.run with request-scoped environment...
CVE-2026-32003
CVE-2026-32003 affects OpenClaw, versions prior to 2026.2.22, where the system.run function is vulnerable to environment variable injection via SHELLOPTS and PS4. A request-scoped environment variable can bypass the command allowlist by exploiting bash xtrace expansion, allowing execution of arbi...
EUVD-2026-13257
OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the system.run function that allows attackers to bypass command allowlist restrictions via SHELLOPTS and PS4 environment variables. An attacker who can invoke system.run with request-scoped environment...
CVE-2026-32003
OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the system.run function that allows attackers to bypass command allowlist restrictions via SHELLOPTS and PS4 environment variables. An attacker who can invoke system.run with request-scoped environment...
EUVD-2026-12720
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...
CVE-2026-22177 OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...
CVE-2026-27203
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
eBay API MCP Server 注入漏洞
The eBay API MCP Server is a context-based protocol server developed by YosefHayim as an individual developer. The eBay API MCP Server has a vulnerability related to environment variable injection in the updateEnvFile function. This vulnerability may lead to configuration overrides, denial of...
CVE-2026-27203
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-27203
The CVE-2026-27203 entry affects ebay-mcp (eBay API MCP Server), where the updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values, enabling CRLF/environment variable injection via the ebay_set_user_tokens tool. This can inject arbitrary environment variables into the .env ...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
GHSA-97RM-XJ73-33JH eBay API MCP Server Affected by Environment Variable Injection
The ebaysetusertokens tool allows updating the .env file with new tokens. The updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration fil...