Description
OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI behavior through attacker-controlled configuration files to execute untrusted code or load malicious credentials.
Published: 2026-04-23
Score: 5.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch
AI Analysis

Impact

OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI behavior through attacker-controlled configuration files to execute untrusted code or load malicious credentials. This flaw allows an attacker to run arbitrary code with the privileges of the OpenClaw process and can also expose sensitive AWS credentials if the configuration files are malicious.

Affected Systems

The vulnerability affects all OpenClaw installations running a version earlier than 2026.3.28. Any deployment using the default host-env blocklist configuration without these variables blocked is susceptible.

Risk and Exploitability

The CVSS score of 5.8 indicates a moderate severity, and the EPSS score of less than 1% suggests a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. Exploitation likely requires an attacker who can trigger approved exec requests within the OpenClaw environment, such as an authenticated user or a process with elevated privileges. If successful, the attacker can gain remote code execution capabilities and potentially compromise stored AWS credentials.

Generated by OpenCVE AI on April 28, 2026 at 07:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.3.28 or newer, which contains the environment variable blocklist fix.
  • If upgrading immediately is not possible, modify the host-env blocklist configuration to explicitly block GIT_TEMPLATE_DIR and AWS_CONFIG_FILE, preventing their use in exec requests.
  • Regularly audit the environment variable usage in OpenClaw exec requests and enforce strict input sanitization so only trusted variables are allowed.
  • Monitor execution logs for suspicious git or AWS CLI calls and block any unauthorized requests that may indicate exploitation.
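The second and third actions above ask for the two variables to be blocked and for strict sanitization of the environment an exec request may set. The following is an added example, not OpenClaw's own code (the real host-env blocklist implementation is not shown on this page), written in Node.js because the CPE on this page records the product as a node.js application. It contrasts a name-by-name blocklist, the pattern whose incompleteness the recorded weakness CWE-184 (Incomplete List of Disallowed Inputs) describes, with an allowlist mode that only lets through variables an exec request has a reason to set. The blocked names other than GIT_TEMPLATE_DIR and AWS_CONFIG_FILE, the blocked prefixes, the allowlist entries and the sample request are illustrative assumptions.

```javascript
'use strict';

// Added example of an environment sanitizer for approved exec requests.
// Not OpenClaw's code; every list entry except GIT_TEMPLATE_DIR and
// AWS_CONFIG_FILE is an illustrative assumption.

// Exact variable names that redirect a tool to caller-chosen configuration.
const HOST_ENV_BLOCKLIST = new Set([
  'GIT_TEMPLATE_DIR',            // named in the advisory: git's template directory for new repositories
  'AWS_CONFIG_FILE',             // named in the advisory: alternate AWS CLI config file
  'AWS_SHARED_CREDENTIALS_FILE', // illustrative: alternate AWS credentials file
  'GIT_CONFIG_GLOBAL',           // illustrative: alternate global git config
  'LD_PRELOAD',                  // illustrative: dynamic loader injection
]);

// Prefixes covering whole families of variables. A name-by-name list is exactly
// what CWE-184 warns about: the two advisory variables were missing from one.
const HOST_ENV_BLOCKED_PREFIXES = ['GIT_', 'AWS_', 'LD_', 'DYLD_'];

// Allowlist mode: the only overrides an exec request may set (illustrative).
const HOST_ENV_ALLOWLIST = new Set(['TERM', 'LANG', 'LC_ALL', 'TZ', 'NO_COLOR']);

// Well-formed POSIX environment variable name.
const VALID_NAME = /^[A-Za-z_][A-Za-z0-9_]*$/;

// Blocklist check. Matching is case-insensitive on purpose: Windows treats
// environment names case-insensitively, so a lowercase spelling must not slip by.
function isBlocked(name) {
  const upper = name.toUpperCase();
  if (HOST_ENV_BLOCKLIST.has(upper)) return true;
  return HOST_ENV_BLOCKED_PREFIXES.some((p) => upper.startsWith(p));
}

/**
 * Build the child-process environment for an exec request.
 * @param {Record<string,string>} requested  env overrides carried by the request
 * @param {Record<string,string>} base       the host's own environment (e.g. process.env)
 * @param {{mode?: 'blocklist'|'allowlist'}} opts
 * @returns {{env: Record<string,string>, rejected: string[]}}
 */
function buildChildEnv(requested, base, { mode = 'allowlist' } = {}) {
  const env = { ...base };
  const rejected = [];
  for (const [name, value] of Object.entries(requested)) {
    const wellFormed =
      VALID_NAME.test(name) && typeof value === 'string' && !value.includes('\0');
    const permitted =
      mode === 'allowlist' ? HOST_ENV_ALLOWLIST.has(name) : !isBlocked(name);
    if (!wellFormed || !permitted) {
      rejected.push(name); // log these: a rejected override is an audit signal
      continue;
    }
    env[name] = value;
  }
  return { env, rejected };
}

// Constructed sample request: the two advisory variables plus a harmless override.
const SAMPLE_REQUEST = {
  GIT_TEMPLATE_DIR: '/tmp/untrusted-templates',
  AWS_CONFIG_FILE: '/tmp/untrusted-aws-config',
  TERM: 'xterm-256color',
};

// Runs the sample request through both modes against a constructed host environment.
function demo() {
  const base = { PATH: '/usr/bin:/bin', HOME: '/home/svc' };
  return {
    blocklist: buildChildEnv(SAMPLE_REQUEST, base, { mode: 'blocklist' }),
    allowlist: buildChildEnv(SAMPLE_REQUEST, base, { mode: 'allowlist' }),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

In both modes the two advisory variables are dropped and reported in `rejected`; the difference is what happens to the next variable nobody thought to list. The blocklist only stops what someone has already named, while the allowlist makes a newly discovered redirection variable a non-event, which is why the allowlist is the default here. Logging `rejected` gives the execution-log monitoring in the last action above something concrete to alert on.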

Advisories

Source: GitHub GHSA
ID: GHSA-m866-6qv5-p2fg
Title: OpenClaw host-env blocklist missing `GIT_TEMPLATE_DIR` and `AWS_CONFIG_FILE` allows code execution via env override

History

Fri, 24 Apr 2026 19:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 22:15:00 +0000

Type: Description
Values Added: OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI behavior through attacker-controlled configuration files to execute untrusted code or load malicious credentials.

Type: Title
Values Added: OpenClaw < 2026.3.28 - Code Execution via Missing Environment Variable Blocklist

Type: First Time appeared
Values Added: Openclaw; Openclaw openclaw

Type: Weaknesses
Values Added: CWE-184

Type: CPEs
Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Type: Vendors & Products
Values Added: Openclaw; Openclaw openclaw

Type: References
Values Added: (none listed)

Type: Metrics
Values Added: cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N'}
Values Added: cvssV4_0 {'score': 5.8, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-24T18:19:30.910Z

Reserved: 2026-04-20T14:03:06.199Z

Link: CVE-2026-41332

Vulnrichment

Updated: 2026-04-24T16:46:28.820Z

NVD

Status : Analyzed

Published: 2026-04-23T22:16:38.907

Modified: 2026-04-29T17:10:15.237

Link: CVE-2026-41332

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T07:30:26Z

Weaknesses