Description
OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths, allowing attackers to inject attacker-controlled environment variables into execution without approval system validation. Attackers can exploit differing normalization logic to discard non-portable keys during approval processing while accepting them at execution time, bypassing operator review and potentially influencing runtime behavior including execution of attacker-controlled binaries.
Published: 2026-04-02
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution via injected environment variables
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions before a recent commit normalize environment variables differently for approval and execution. Because the approval path discards non-portable keys while the execution path accepts them, an attacker can supply environment variables that satisfy execution but bypass approval checks. This allows the attacker to influence runtime behavior, including launching attacker‑controlled binaries, effectively achieving remote code execution.
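As an added illustration (this is not OpenClaw's code; the "portable key" rule, the function names and the sample request are constructed for the example), the following node.js snippet shows the class of bug the analysis describes and a hardened gate in which execution can only ever receive the exact environment an operator reviewed. The `unreviewedKeys` helper is the kind of check a deployment can run to confirm that its approval and execution paths agree, which is what the recommended actions ask operators to verify.

```javascript
// Added illustration, not OpenClaw's own code. It models the CWE-184 pattern
// described by the advisory (approval and execution normalizing environment
// variables differently) next to a gate where execution is bound to the exact
// set that was approved. The "portable key" rule below is a constructed
// stand-in for whatever filtering the real approval path applies.

const PORTABLE_KEY = /^[A-Z_][A-Z0-9_]*$/;

// One normalization routine, shared by both paths.
function normalizeEnv(env) {
  const out = {};
  for (const [key, value] of Object.entries(env)) {
    if (!PORTABLE_KEY.test(key)) continue; // non-portable keys are dropped here
    if (typeof value !== 'string') continue;
    out[key] = value;
  }
  return out;
}

// Vulnerable shape: the operator approves the normalized view, but execution is
// handed the raw request, so keys dropped during review still reach the child.
function vulnerableGate(requestedEnv, approve) {
  const reviewed = normalizeEnv(requestedEnv);
  if (!approve(reviewed)) return null;
  return { ...requestedEnv }; // BUG: un-reviewed keys pass straight through
}

// Hardened shape: execution receives the approved object itself and re-checks
// that nothing outside it is present before anything is spawned.
function hardenedGate(requestedEnv, approve) {
  const reviewed = normalizeEnv(requestedEnv);
  if (!approve(reviewed)) return null;
  return assertMatchesApproved(reviewed, reviewed);
}

// Consistency check: returns every key/value the execution env carries that the
// approved env did not. An empty result means the two paths agree.
function unreviewedKeys(approvedEnv, execEnv) {
  return Object.keys(execEnv).filter(
    (k) => !(k in approvedEnv) || approvedEnv[k] !== execEnv[k]
  );
}

function assertMatchesApproved(approvedEnv, execEnv) {
  const extra = unreviewedKeys(approvedEnv, execEnv);
  if (extra.length > 0) {
    throw new Error(`environment keys not covered by approval: ${extra.join(', ')}`);
  }
  return { ...execEnv };
}

// Constructed sample request: one portable key and one that the review filter
// drops. An always-approving callback stands in for the human operator.
const SAMPLE_REQUEST = { SAFE_FLAG: '1', 'bad-key': '/tmp/constructed' };
const approveAll = () => true;

function demo() {
  const seenByOperator = normalizeEnv(SAMPLE_REQUEST);
  const vulnerable = vulnerableGate(SAMPLE_REQUEST, approveAll);
  const hardened = hardenedGate(SAMPLE_REQUEST, approveAll);
  return {
    leaked: unreviewedKeys(seenByOperator, vulnerable),        // ['bad-key']
    hardenedLeaked: unreviewedKeys(seenByOperator, hardened),  // []
  };
}
```

`demo()` makes the divergence concrete: with the vulnerable gate the child process would see `bad-key`, which the operator was never shown; with the hardened gate the execution environment is exactly the reviewed object, and any later divergence between the two paths surfaces as a thrown error rather than as silently injected variables.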

Affected Systems

All OpenClaw deployments running a pre‑b57b680 commit. The affected product is OpenClaw, the open‑source firewall platform. The vulnerability applies regardless of the node.js runtime version because it targets the OpenClaw code.

Risk and Exploitability

The CVSS score is 6.9, indicating a medium severity. EPSS is unavailable and the issue is not listed in the CISA KEV catalog. The likely attack vector is inferred: an attacker who can set the environment of an OpenClaw process—either locally or remotely if the process runs with elevated privileges—can inject variables that bypass the approval system. Exploitation requires the attacker to have the ability to influence the execution environment; no network‑level access is explicitly stated.

Generated by OpenCVE AI on April 2, 2026 at 22:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to a version that includes commit b57b680c0c34de907d57f60c38fb358e82aef8f7 or apply the corresponding patch.
  • If an immediate upgrade is not possible, temporarily restrict the set of environment variables passed to OpenClaw processes to a trusted subset.
  • Verify that environment variable normalization is consistent between approval and execution paths in the deployed OpenClaw configuration.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 17:45:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths, allowing attackers to inject attacker-controlled environment variables into execution without approval system validation. Attackers can exploit differing normalization logic to discard non-portable keys during approval processing while accepting them at execution time, bypassing operator review and potentially influencing runtime behavior including execution of attacker-controlled binaries.

Type: Title
Values Removed: (none)
Values Added: OpenClaw - Approval Bypass via Environment Variable Normalization

Type: First Time appeared
Values Removed: (none)
Values Added: Openclaw; Openclaw openclaw

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-184

Type: CPEs
Values Removed: (none)
Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Type: Vendors & Products
Values Removed: (none)
Values Added: Openclaw; Openclaw openclaw

Type: References
Values Removed: (none)
Values Added: (none listed)

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV3_1 {'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N'}
  cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T16:17:00.360Z

Reserved: 2026-03-27T15:24:06.752Z

Link: CVE-2026-34426

Vulnrichment

Updated: 2026-04-03T16:16:56.312Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T19:21:31.727

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-34426

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:16:47Z

Weaknesses