OpenClaw Environment Variable Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability in OpenClaw versions prior to 2026.2.21 allows for the injection of dangerous process-control environment variables through the configuration's env.vars. This injection can lead to startup-time code execution within the OpenClaw gateway service's runtime context. Variables such as NODE_OPTIONS and LD_* can be exploited to execute arbitrary code.

Impact

Exploitation of this vulnerability allows for arbitrary code execution in the OpenClaw gateway service runtime.

Reproduction

To reproduce this vulnerability, inject dangerous environment variables such as NODE_OPTIONS or LD_* through the OpenClaw configuration's env.vars. Once injected, the variables flow into the gateway service runtime, where the process honors them at startup, resulting in arbitrary code execution.

Remediation

Users can update to OpenClaw version 2026.2.21 or later, where this vulnerability has been patched.
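The class of check the vulnerability and remediation sections describe, as an added example that is not OpenClaw's own code: a default-deny filter that strips process-control variables from a config's env.vars before the gateway process inherits them. Function and field names are assumptions for illustration; it goes slightly beyond the page by also covering the macOS DYLD_ loader prefix and by folding case, since Windows treats variable names case-insensitively.

```javascript
// Added example, not OpenClaw's code. Screens a config's env.vars so
// variables that change what code a process runs at startup never
// reach the gateway runtime.
const BLOCKED_EXACT = new Set(['NODE_OPTIONS']);          // named on the page
const BLOCKED_PREFIXES = ['LD_', 'DYLD_'];                 // LD_* from the page; DYLD_ added

function sanitizeEnvVars(envVars) {
  const allowed = {};
  const rejected = [];
  for (const [rawName, value] of Object.entries(envVars ?? {})) {
    const name = rawName.trim();
    // Compare case-insensitively so "ld_preload" cannot slip past on Windows.
    const upper = name.toUpperCase();
    let reason = null;
    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(name)) reason = 'invalid-name';
    else if (BLOCKED_EXACT.has(upper)) reason = 'blocked-exact';
    else if (BLOCKED_PREFIXES.some((p) => upper.startsWith(p))) reason = 'blocked-prefix';
    else if (typeof value !== 'string') reason = 'non-string-value';
    else if (/[\0\r\n]/.test(value)) reason = 'control-chars';
    if (reason) rejected.push({ name: rawName, reason });
    else allowed[name] = value;
  }
  return { allowed, rejected };
}

// Constructed sample config fragment (assumed shape, not OpenClaw's schema).
const sampleEnvVars = {
  OPENCLAW_LOG_LEVEL: 'info',
  NODE_OPTIONS: '--inspect',
  ld_preload: '/tmp/example.so',
  TZ: 'UTC',
};

const result = sanitizeEnvVars(sampleEnvVars);
console.log('allowed:', result.allowed);
console.log('rejected:', result.rejected);
```

Logging each rejected name with its reason gives operators a startup-time signal that someone tried to seed a process-control variable through the config.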

Added: Mar 18, 2026, 2:29 AM
Updated: Mar 18, 2026, 2:29 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 3.4
remediation: 0.0
relevance: 4.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.