CVE-2026-41357 | OpenClaw up to 2026.3.30 Environment Variable invocation of process using visible sensitive information (GHSA-j9pv-rrcj-6pfx)

A vulnerability marked as problematic has been reported in OpenClaw up to 2026.3.30. This vulnerability affects unknown code of the component Environment Variable Handler. Performing a manipulation results in invocation of process using visible sensitive information.

This vulnerability is reported as CVE-2026-41357. The attack requires a local approach. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More