CVE-2026-22181 | OpenClaw up to 2026.3.1 Environment Variable server-side request forgery (GHSA-8mvx-p2r9-r375)

A vulnerability, which was classified as critical, was found in OpenClaw up to 2026.3.1. This vulnerability affects unknown code of the component Environment Variable Handler. The manipulation results in server-side request forgery.

This vulnerability is identified as CVE-2026-22181. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More