CVE-2026-4039

Medium

Published: 12 March 2026

Published

12 March 2026

Modified

16 March 2026

KEV Added

—

Patch

—

CVSS Score 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0010 27.3th percentile

Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is…

able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Requires timely remediation of the code injection flaw by applying the vendor-recommended patch to OpenClaw version 2026.2.21-beta.1.

SI-10 Information Input Validation good match

prevent

Mandates validation of inputs to the applySkillConfigenvOverrides function to neutralize special elements and prevent code injection as described in CWE-74 and CWE-94.

SI-7 Software, Firmware, and Information Integrity partial match

detect

Provides integrity verification of software and information to detect unauthorized code modifications resulting from successful injection exploits.

Security SummaryAI

CVE-2026-4039 is a code injection vulnerability affecting OpenClaw version 2026.2.19-2, specifically in the applySkillConfigenvOverrides function of the Skill Env Handler component. The issue, linked to CWE-74 (Improper Neutralization of Special Elements used in an SQL Command) and CWE-94 (Improper Control of Generation of Code), was published on 2026-03-12 and carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

An attacker with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Manipulation of the affected function enables code injection, resulting in limited impacts to confidentiality, integrity, and availability.

Advisories recommend upgrading the affected component to OpenClaw version 2026.2.21-beta.1, which resolves the issue via patch commit 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. Details are available in the GitHub security advisory GHSA-82g8-464f-2mv7, the project repository, release notes, and VulDB entry ctiid.350651.

Details

CWE(s): CWE-74 CWE-94

Affected Products

openclaw

≤ 2026.2.21

MITRE ATT&CK Enterprise TechniquesAI

T1210 Exploitation of Remote Services Lateral Movement

Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

attack.mitre.org →

Why these techniques?

The vulnerability enables remote code injection over the network in a service component (Skill Env Handler) requiring low privileges, directly facilitating T1210: Exploitation of Remote Services.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/openclaw/openclaw/
Product · cna@vuldb.com
https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c
Patch · cna@vuldb.com
https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1
Release Notes · cna@vuldb.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7
Mitigation, Vendor Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.350651
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.350651
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.769580
Third Party Advisory, VDB Entry · cna@vuldb.com