CVE-2026-41384 | OpenClaw up to 2026.3.23 Environment Variable external control of setting (GHSA-vfw7-6rhc-6xxg)

A vulnerability described as problematic has been identified in OpenClaw up to 2026.3.23. This vulnerability affects unknown code of the component Environment Variable Handler. Executing a manipulation can lead to external control of system or configuration setting.

This vulnerability is tracked as CVE-2026-41384. The attack is restricted to local execution. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More