Description
OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package directory, attackers can leverage git dependencies to trigger execution of arbitrary programs specified in the attacker-controlled .npmrc configuration file.
Published: 2026-04-10
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions earlier than 2026.3.24 expose an arbitrary code execution flaw during local plugin or hook installation. An attacker can supply a crafted .npmrc file that overrides the git executable. When npm install runs in the staged package directory, npm resolves git dependencies with the overridden git command, so arbitrary programs chosen by the attacker are executed. The flaw is classified as CWE-349 and gives the attacker full code-execution privileges on the system running OpenClaw, potentially compromising confidential data, altering system integrity, and disrupting availability.

Affected Systems

The vulnerability affects the OpenClaw application. All installations of OpenClaw running a version prior to 2026.3.24 are susceptible. Users on any platform supported by the software that perform local plugin or hook installation are at risk.

Risk and Exploitability

The flaw carries a CVSS score of 8.4, indicating high severity. No EPSS score is available and the issue is not listed in CISA's KEV catalog. An attacker exploits the vulnerability by placing a malicious .npmrc file in the package that is installed as a plugin or hook; this is achievable locally if the user is privileged or, in some scenarios, remotely if the attacker can influence the installation process. Because no elevated privileges are required, the barrier to exploitation is low. Given the high impact and the straightforward exploitation path, the risk to organizations running affected OpenClaw versions is significant.

Generated by OpenCVE AI on April 10, 2026 at 17:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to 2026.3.24 or later
  • Verify that no attacker-controlled .npmrc files exist in plugin directories
  • Restrict write permissions on the plugin installation directories to prevent unauthorized .npmrc creation
  • Disable or sandbox the git executable used during package installation
  • Monitor installation logs for unexpected .npmrc usage
  • Stay informed of vendor updates
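A concrete form of the "verify that no attacker-controlled .npmrc files exist" check, added here as an illustration (it is not OpenCVE's or OpenClaw's own code). It assumes the override mechanism named in the description is npm's `git` configuration key, which sets the command npm runs for git operations; a package-supplied .npmrc that sets that key to anything other than the default `git` is flagged. The sample .npmrc contents are constructed for the demo.

```python
"""Scan a staged plugin/hook directory for .npmrc files that override the git
executable, the mechanism described for CVE-2026-35641.
Added example, not OpenClaw's code. Assumes npm honours the `git` config key."""
import os
import tempfile


def parse_npmrc(text):
    """Parse the ini-style key=value lines of an .npmrc into a dict.
    Comment lines (# or ;) and lines without '=' are skipped; keys are lower-cased."""
    config = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        config[key.strip().lower()] = value.strip()
    return config


def git_override(text):
    """Return the git command an .npmrc substitutes, or None when the file
    does not set `git` or sets it to the default value 'git'."""
    value = parse_npmrc(text).get("git")
    if value is None or value == "git":
        return None
    return value


def scan_staged_dir(root):
    """Walk a staged package directory and report every .npmrc that points
    npm at a non-default git executable. Returns a list of (path, command)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if ".npmrc" not in files:
            continue
        path = os.path.join(dirpath, ".npmrc")
        with open(path, encoding="utf-8", errors="replace") as fh:
            cmd = git_override(fh.read())
        if cmd is not None:
            findings.append((path, cmd))
    return findings


# Constructed samples (not taken from the advisory): one benign .npmrc and one
# that hides a git override behind ordinary-looking registry settings.
BENIGN_NPMRC = "registry=https://registry.npmjs.org/\nsave-exact=true\n"
MALICIOUS_NPMRC = """\
; looks like harmless registry configuration
registry=https://registry.npmjs.org/
git=./node_modules/.bin/not-really-git
"""


def demo():
    """Build a throwaway staged directory holding both samples and return the
    findings with paths relative to the staging root (forward slashes)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "plugin-a"))
        os.makedirs(os.path.join(root, "plugin-b", "sub"))
        with open(os.path.join(root, "plugin-a", ".npmrc"), "w") as fh:
            fh.write(BENIGN_NPMRC)
        with open(os.path.join(root, "plugin-b", "sub", ".npmrc"), "w") as fh:
            fh.write(MALICIOUS_NPMRC)
        return [
            (os.path.relpath(path, root).replace(os.sep, "/"), cmd)
            for path, cmd in scan_staged_dir(root)
        ]


if __name__ == "__main__":
    for path, cmd in demo():
        print(f"BLOCK {path}: git executable overridden to {cmd!r}")
```

Run the scanner over the staged directory before `npm install` is invoked there and refuse the installation when it returns any findings; a package that ships its own .npmrc has no legitimate need to change which program npm executes as git.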


Advisories

Source: Github GHSA
ID: GHSA-m3mh-3mpg-37hw
Title: OpenClaw has an Arbitrary Malicious Code Execution Vulnerability

History

Tue, 14 Apr 2026 15:15:00 +0000

Metrics (ssvc), values added:
{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 10 Apr 2026 16:30:00 +0000

Values added:
Description: OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package directory, attackers can leverage git dependencies to trigger execution of arbitrary programs specified in the attacker-controlled .npmrc configuration file.
Title: OpenClaw < 2026.3.24 - Arbitrary Code Execution via .npmrc in Local Plugin/Hook Installation
First Time appeared: Openclaw (Openclaw openclaw)
Weaknesses: CWE-349
CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products: Openclaw (Openclaw openclaw)
References:
Metrics (cvssV3_1): {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
Metrics (cvssV4_0): {'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-14T14:30:49.773Z

Reserved: 2026-04-04T12:30:33.464Z

Link: CVE-2026-35641

Vulnrichment

Updated: 2026-04-14T14:30:38.354Z

NVD

Status : Modified

Published: 2026-04-10T17:17:04.697

Modified: 2026-04-14T15:16:30.090

Link: CVE-2026-35641

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-13T13:00:59Z

Weaknesses