Description
OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted.
Published: 2026-04-27
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Disclosure
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions released before 2026.3.28 contain a flaw in the jq safe‑bin policy that fails to block the $ENV filter. An attacker who can supply a jq program to the application can bypass these restrictions and read environment variables that should be protected. The vulnerability allows disclosure of potentially sensitive information such as database credentials, API keys, or other secrets, which can be leveraged in further attacks such as credential theft or privilege escalation. The weakness is a form of CWE‑668, where untrusted data is used to access system resources.

Affected Systems

The affected product is OpenClaw, a Node.js application. All releases prior to version 2026.3.28 are vulnerable; later releases implement a fix that disallows the $ENV filter in the safe‑bin policy.

Risk and Exploitability

The CVSS score of 7.1 indicates a high severity for information disclosure. The EPSS score is not available, so the exact likelihood of exploitation cannot be quantified, but the vulnerability is not listed in the CISA KEV catalog, suggesting no current known public exploits. The attack vector is inferred to be remote in nature, requiring the attacker to inject a jq program via an exposed API or configuration file that is parsed by the application. Once the vulnerability is triggered, the attacker can read any environment variable the process has access to, potentially compromising critical secrets and downstream systems.

Generated by OpenCVE AI on April 28, 2026 at 19:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.28 or later, which removes the $ENV filter from the safe‑bin policy.
  • If an immediate upgrade is not feasible, configure the application to reject jq programs that contain the $ENV filter by enforcing a stricter safe‑bin policy or disabling jq usage in untrusted contexts.
  • After patching, rotate any secrets that were exposed through environment variables and consider using a dedicated secret‑management solution to avoid future leaks.

Generated by OpenCVE AI on April 28, 2026 at 19:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted.
Title OpenClaw < 2026.3.28 - Environment Variable Disclosure via jq $ENV Filter Bypass
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-668
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-28T12:43:15.455Z

Reserved: 2026-04-20T14:09:02.629Z

Link: CVE-2026-41368

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-28T00:16:26.047

Modified: 2026-04-28T18:44:57.820

Link: CVE-2026-41368

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T19:45:07Z

Weaknesses