Description
OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted OpenClaw runtime behavior during source-update or installer flows.
Published: 2026-05-06
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw processes workspace dotenv files without reserving the OPENCLAW_ prefix, allowing an attacker who can supply a workspace with a dotenv file to override critical runtime environment variables. Variables such as OPENCLAW_GIT_DIR may be set to arbitrary values, enabling the trusted OpenClaw instance to perform untrusted actions during source-update or installer flows. This privilege escalation can lead to code execution or other unauthorized operations.

Affected Systems

The vulnerability affects the OpenClaw product from the vendor OpenClaw. All releases prior to 2026.4.20 are susceptible. It is present whenever workspace dotenv files are interpreted by the runtime.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity. No EPSS data is available, so the exploitation probability cannot be quantified, but the issue has been documented by security teams and listed in advisory references. Because the attacker only needs to place a malicious workspace file on a system that runs OpenClaw, the attack vector is local or remote depending on how workspaces are provided. The vulnerability is not listed in the CISA KEV catalog, yet the potential for runtime tampering is significant, underscoring the importance of applying the patch promptly.

Generated by OpenCVE AI on May 6, 2026 at 21:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.4.20 or later, where the OPENCLAW_ namespace is properly reserved.
  • Verify that workspace dotenv files come from trusted sources; enforce file integrity checks or disable workspace dotenv processing if not needed.
  • Restrict write permissions on directories containing workspace files to prevent unauthorized modifications.
  • Review and sanitize any environment variables that OpenClaw imports from external files to ensure no unintended overrides.

Generated by OpenCVE AI on May 6, 2026 at 21:28 UTC.
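The loader below is an added example, not OpenClaw's own code (the parser and function names are hypothetical), showing the workspace dotenv override the advisory describes beside the namespace-reservation fix the recommended actions call for: keys under the OPENCLAW_ prefix are rejected instead of being merged over the runtime's environment.

```javascript
// Added example (not OpenClaw's code): reserve a runtime-control prefix for the
// trusted runtime instead of keeping an incomplete denylist of variable names (CWE-184).
const RESERVED_PREFIX = "OPENCLAW_"; // prefix named in the advisory

// Minimal KEY=VALUE parser for dotenv text (no quoting or escaping; enough for the demo).
function parseDotenv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq <= 0) continue;
    out[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return out;
}

// Vulnerable pattern: every key from the untrusted workspace file is merged over the
// runtime environment, so a workspace can repoint OPENCLAW_GIT_DIR for the trusted runtime.
function loadWorkspaceEnvUnsafe(runtimeEnv, dotenvText) {
  return { ...runtimeEnv, ...parseDotenv(dotenvText) };
}

// Hardened pattern: keys in the reserved namespace are dropped and reported, and
// (as with dotenv's default no-override behaviour) workspace values never replace
// variables the runtime already set. The prefix check is case-insensitive because
// environment variable names are case-insensitive on some platforms.
function loadWorkspaceEnvSafe(runtimeEnv, dotenvText) {
  const env = { ...runtimeEnv };
  const rejected = [];
  for (const [key, value] of Object.entries(parseDotenv(dotenvText))) {
    const reserved = key.toUpperCase().startsWith(RESERVED_PREFIX);
    const alreadySet = Object.prototype.hasOwnProperty.call(env, key);
    if (reserved || alreadySet) { rejected.push(key); continue; }
    env[key] = value;
  }
  return { env, rejected };
}

// Constructed sample input: a workspace .env that tries to redirect the runtime's git
// directory and PATH alongside an ordinary, legitimate workspace setting.
const SAMPLE_DOTENV = [
  "# workspace settings",
  "API_BASE=https://api.example.test",
  "OPENCLAW_GIT_DIR=/workspace/untrusted/.git",
  "PATH=/workspace/untrusted/bin",
].join("\n");
const RUNTIME_ENV = { OPENCLAW_GIT_DIR: "/opt/openclaw/.git", PATH: "/usr/bin" };
```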

Advisories

No advisories yet.

History

Wed, 06 May 2026 20:15:00 +0000

Type                 Values Removed   Values Added
Description          -                OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted OpenClaw runtime behavior during source-update or installer flows.
Title                -                OpenClaw < 2026.4.20 - Environment Variable Namespace Collision via Workspace dotenv
First Time appeared  -                Openclaw; Openclaw openclaw
Weaknesses           -                CWE-184
CPEs                 -                cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products   -                Openclaw; Openclaw openclaw
References           -                -
Metrics              -                cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
                                      cvssV4_0: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Openclaw Openclaw
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-07T13:53:04.000Z

Reserved: 2026-05-05T11:30:46.259Z

Link: CVE-2026-44114

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T20:16:35.340

Modified: 2026-05-06T21:20:52.707

Link: CVE-2026-44114

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T23:15:17Z

Weaknesses