OpenClaw Compiler Binary Substitution Vulnerability via Environment Variable Override

A vulnerability in OpenClaw versions prior to 2026.3.31 allows untrusted models to substitute key compiler binary environment variables, including CC, CXX, CARGO_BUILD_RUSTC, and CMAKE_C_COMPILER. This substitution is made possible through environment overrides on approved host execution requests, creating a risk that arbitrary code could be executed during build processes.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code by substituting compiler binaries with malicious ones, which could then be executed during the build process.

Reproduction

The vulnerability can be reproduced by sending an approved host-exec request that includes overrides for the compiler binary environment variables. This can be done by specifying the desired substitutions in the environment overrides of the host-exec request. Once the overridden environment is applied, the substituted compiler binaries will be used, allowing for the execution of arbitrary code.

Remediation

Users can update to OpenClaw version 2026.3.31 or later, where this vulnerability has been patched.