CVE-2026-4039 - Vulnerability Details

Description

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component.

Published: 2026-03-12

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

OpenClaw version 2026.2.19‑2 contains a vulnerability in the function applySkillConfigenvOverrides of the Skill Env Handler component. According to the advisory, manipulating data processed by this function can lead to code injection, allowing an attacker to execute arbitrary code within the context of the OpenClaw process. The weakness is classified as CWE‑74 and CWE‑94, indicating that user input is not properly sanitized before being used in code execution paths. The vulnerability description explicitly states that the attack can be launched remotely, but no further details about the required conditions are provided.

Affected Systems

The affected product is OpenClaw, with deployments of version 2026.2.19‑2 identified as vulnerable. The public advisory recommends upgrading to version 2026.2.21‑beta.1, which incorporates the security fix (commit 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c). Affected CPE strings include openclaw:openclaw and openclaw:openclaw:node.js. No other vendors or product versions are listed in the CVE data.

Risk and Exploitability

The CVSS base score is 5.3, indicating a moderate severity risk. The EPSS score is reported as less than 1%, implying that the likelihood of exploitation is low at present. The vulnerability is not present in the CISA Known Exploited Vulnerabilities catalog, meaning there are no documented active exploitations. An attacker would need to reach the target system over the network to trigger the remote code injection described in the advisory. These facts suggest that while the risk is moderate, practical exploitation remains uncommon based on available evidence.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

OpenClaw

affected

Version	Status	Constraints
`2026.2.19-2`	affected	—
`2026.2.21-beta.1`	unaffected	—

Configuration 1 [-]

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

No data.

Vendor Product Confidence Versions

Openclaw

95%

Version	Status	Scheme	Platform
`2026.2.19-2`	affected	semver	—
`2026.2.21-beta.1`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade OpenClaw to the fixed release v2026.2.21‑beta.1 as recommended by the vendor.

Generated by OpenCVE AI on March 17, 2026 at 17:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-82g8-464f-2mv7	OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00087.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/openclaw/openclaw/
https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c
https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1
https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7
https://vuldb.com/?ctiid.350651
https://vuldb.com/?id.350651
https://vuldb.com/?submit.769580

History

Mon, 16 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:openclaw:openclaw::::::node.js::*

Thu, 12 Mar 2026 13:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 12 Mar 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component.
Title		OpenClaw Skill Env applySkillConfigenvOverrides code injection
First Time appeared		Openclaw Openclaw openclaw
Weaknesses		CWE-74 CWE-94
CPEs		cpe:2.3:a:openclaw:openclaw::::::::
Vendors & Products		Openclaw Openclaw openclaw
References		https://github.com/openclaw/openclaw/ https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1 https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7 https://vuldb.com/?ctiid.350651 https://vuldb.com/?id.350651 https://vuldb.com/?submit.769580
Metrics		cvssV2_0 `{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C'}` cvssV3_0 `{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}` cvssV3_1 `{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}` cvssV4_0 `{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X'}`

Subscriptions

Openclaw Openclaw

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-12T12:02:10.143Z

Updated: 2026-03-12T13:10:51.077Z

Reserved: 2026-03-12T06:46:12.632Z

Link: CVE-2026-4039

Vulnrichment

Updated: 2026-03-12T13:10:46.831Z

NVD

Status : Analyzed

Published: 2026-03-12T12:15:59.740

Modified: 2026-03-16T18:02:55.483

Link: CVE-2026-4039

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T15:49:52Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object