CVE-2026-44995

Published: Mag 11, 2026 Last Modified: Mag 11, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: passive

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 7,3

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD, or BASH_ENV to spawned MCP server processes, enabling code injection when operators start sessions using those servers.

829

Inclusion of Functionality from Untrusted Control Sphere

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability

Potential Impacts:

Execute Unauthorized Code Or Commands

Applicable Platforms

All platforms may be affected

View CWE Details

https://github.com/openclaw/openclaw/commit/62fa5071896e95e…

https://github.com/openclaw/openclaw/commit/62fa5071896e95edc7f67d1cebc70a2859e…

https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d22…

https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d2226d39d132a484f4f7a29…

https://github.com/openclaw/openclaw/security/advisories/GH…

https://github.com/openclaw/openclaw/security/advisories/GHSA-mj59-h3q9-ghfh

https://www.vulncheck.com/advisories/openclaw-arbitrary-cod…

https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-mcp-…