Description
OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDK_PYTHON during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDK_PYTHON variable to execute setup through unintended local Python paths, potentially enabling arbitrary code execution.
Published: 2026-06-16
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw versions prior to 2026.5.2 allow the CLOUDSDK_PYTHON environment variable to be set from a workspace .env file, which anyone with write access to the repository can edit. By tampering with this variable, an attacker can direct the gcloud command used in the Gmail setup to invoke an untrusted Python interpreter, gaining the ability to run arbitrary code at setup time. The vulnerability is classified as CWE‑426 (Untrusted Search Path).

Affected Systems

The affected product is OpenClaw (vendor Openclaw). All installations running a version earlier than 2026.5.2 are vulnerable; upgrading to 2026.5.2 or later removes the flaw.

Risk and Exploitability

The CVSS score of 7 indicates high severity. The EPSS score below 1% shows that the current probability of exploitation is low, and the vulnerability is not listed in the CISA KEV catalog. Exploitation does, however, require only repository write access, which is common in collaborative projects. An attacker who controls repository settings or can commit malicious code can exploit this weakness during normal Gmail setup operations to execute arbitrary commands in the environment of the workflow runner.

Generated by OpenCVE AI on June 17, 2026 at 21:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.5.2 or later
  • Ensure that CLOUDSDK_PYTHON is either unset or explicitly points to a trusted interpreter in any shared or publicly accessible .env file
  • Restrict write permissions on repository files and enforce strict code review for changes to configuration files

Advisories

No advisories yet.

History

Tue, 16 Jun 2026 18:30:00 +0000

Type | Values Removed | Values Added
Description | | OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDK_PYTHON during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDK_PYTHON variable to execute setup through unintended local Python paths, potentially enabling arbitrary code execution.
Title | | OpenClaw < 2026.5.2 - Arbitrary Python Runtime Execution via CLOUDSDK_PYTHON Environment Variable
First Time appeared | | Openclaw; Openclaw openclaw
Weaknesses | | CWE-426
CPEs | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | | Openclaw; Openclaw openclaw
References | |
Metrics | | cvssV3_1 {'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}; cvssV4_0 {'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Openclaw Openclaw
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-16T19:34:59.916Z

Reserved: 2026-06-10T21:19:32.651Z

Link: CVE-2026-53842

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-06-16T19:17:01.127

Modified: 2026-06-16T20:42:46.200

Link: CVE-2026-53842

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-16T19:30:16Z

Weaknesses