Impact
OpenClaw versions prior to 2026.5.2 contain an environment variable injection flaw in the workspace .env file, where the STATE_DIRECTORY variable can influence the locations from which bundled runtime dependencies are loaded. Attackers who can set or modify this variable may cause OpenClaw to resolve dependencies from unintended local paths, potentially leading to execution of malicious code during the dependency resolution phase. The primary impact is remote or local code execution within the OpenClaw process, giving an attacker control over the application and its environment.
Affected Systems
The Vendor OpenClaw, Product OpenClaw, is affected for all releases before 2026.5.2. Any deployment of OpenClaw built with a legacy version is vulnerable to the exploitation described above.
Risk and Exploitability
The CVSS score of 7 indicates a high severity vulnerability. The EPSS score of less than 1% suggests that exploitation is currently unlikely but not impossible; the risk may increase if an attacker gains the ability to set the STATE_DIRECTORY environment variable in a vulnerable environment. The vulnerability is not listed in the CISA KEV catalog, so no mass exploitation has yet been recorded. The likely attack vector is through control of the environment for a user or process that runs OpenClaw, which could be gained through compromised credentials or by affecting configuration files in a shared workspace.
OpenCVE Enrichment
Github GHSA