Impact
OpenClaw before version 2026.3.31 fails to filter several critical environment variables – including package, registry, Docker, compiler, and TLS override values – when performing host execution operations. This insufficient sanitization permits an attacker to inject malicious values that can override system configuration settings and compromise the integrity of host-side processes. As a result, the attacker may gain unauthorized code execution or privilege escalation on the host system.
Affected Systems
Vendor and product affected: OpenClaw (vendor), OpenClaw (product). The vulnerability exists in all releases prior to 2026.3.31 and is relevant to Node.js deployments of the OpenClaw application.
Risk and Exploitability
The CVSS score of 7.1 indicates high severity, with potentially significant impact on confidentiality, integrity, and availability. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, suggesting no widespread exploitation yet. Based on the description, it is inferred that the attack requires the attacker to influence the environment variables passed to host execution commands; this could be achievable locally or, if the application accepts external input that affects environment settings, remotely. The precise exploitation conditions are not detailed, so organizations should treat this as a high-risk flaw if they run OpenClaw in a context where untrusted input can modify the environment.
OpenCVE Enrichment