CVE-2026-44114

HIGH EPSS 2.9%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
8.5 CVSS 4.0
High
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted OpenClaw runtime behavior during source-update or installer flows.

CVSS Details

Base Score
8.5
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction P
Scope X

Threat Intelligence

EPSS Exploit Probability
2.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-184

Affected Products 1

VendorProductVersionRange
openclawopenclaw* <2026.4.20

References 3

  • github.com https://github.com/openclaw/openclaw/commit/018494fa3ebb9145112e68b56fe1cb2e9f9a9ed6
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-hxvm-xjvf-93f3
    MitigationVendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-environment-variable-namespace-collision-via-workspace-dotenv
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/018494fa3ebb9145112e68b56fe1cb2e9f9a9ed6
    Patch