CVE-2026-41294 | OpenClaw up to 2026.3.27 Environment Variable external control of setting (GHSA-8rh7-6779-cjqq)

A vulnerability has been found in OpenClaw up to 2026.3.27 and classified as problematic. Affected by this issue is some unknown functionality of the component Environment Variable Handler. The manipulation leads to external control of system or configuration setting.

This vulnerability is listed as CVE-2026-41294. The attack must be carried out locally. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More