CVE-2026-43531
Published: 05 May 2026
Description
OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise application behavior.
Likely Mitigating Controls (AI-generated)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- The policy and procedures establish internal controls and change management for system configuration settings, reducing the feasibility of external unauthorized modifications.
- Baseline configuration under change control directly prevents unauthorized external modification of system or configuration settings.
- Requires approval, documentation, and security impact review of all configuration changes, directly preventing unauthorized external control of system settings.
- Impact analysis of configuration changes reduces the risk of deploying settings that permit unauthorized external control.
- Restricting changes to system and configuration settings prevents external entities from controlling those settings without approval.
- Establishing, implementing, approving deviations from, and monitoring configuration settings directly prevents external or unauthorized control of system settings.
- The plan defines processes for identifying and managing configuration items, preventing external unauthorized control of system settings.
- Vulnerability scanners directly detect externally controllable or misconfigured settings using standardized checklists.
Security Summary (AI-generated)
CVE-2026-43531, published on 2026-05-05, is an environment variable injection vulnerability (CWE-15) affecting OpenClaw versions prior to 2026.4.9. The flaw enables malicious workspace .env files to inject runtime-control variables, influencing critical components such as update sources, gateway URLs, ClawHub resolution, and browser executable paths. This compromises the application's overall behavior. The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit the vulnerability by convincing a user to load a workspace containing a crafted .env file, requiring user interaction. Successful exploitation allows injection of environment variables that redirect application functions, such as update mechanisms or network resolutions, leading to high impacts on confidentiality, integrity, and availability.
Mitigation is available via the patch in OpenClaw commit dbfcef319618158fa40b31cdac386ea34c392c0c, which corresponds to version 2026.4.9 and later. Security practitioners should consult the GitHub security advisory at GHSA-7wv4-cc7p-jhxc and the Vulncheck advisory for additional details on remediation and verification steps.
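The weakness described above is a workspace-supplied .env file being allowed to set variables that steer the runtime itself. The loader below is an added illustration of the defensive pattern, not OpenClaw's code: it parses dotenv syntax, refuses any key on a protected runtime-control list, and never lets a workspace value override a variable already present in the process environment. The protected names (APP_UPDATE_URL and so on) are hypothetical stand-ins for the classes the advisory names; the real OpenClaw variable names are not on this page.

```python
"""Hardened workspace .env loader: runtime-control keys are never applied."""
import re

# Hypothetical protected names standing in for the advisory's classes:
# update sources, gateway URLs, hub/registry resolution, browser executables.
PROTECTED_KEYS = {"APP_UPDATE_URL", "APP_GATEWAY_URL",
                  "APP_HUB_REGISTRY", "APP_BROWSER_PATH"}
# Suffix-based deny rule so renamed or new control variables are caught too.
PROTECTED_SUFFIXES = ("_URL", "_PATH", "_REGISTRY")

_LINE = re.compile(r'^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$')

def parse_dotenv(text):
    """Parse KEY=VALUE lines; handles comments, `export`, and quoted values."""
    result = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            continue  # malformed line: ignore rather than guess
        key, val = m.group(1), m.group(2).strip()
        if val[:1] in ("'", '"'):
            end = val.find(val[0], 1)          # matching closing quote
            val = val[1:end] if end > 0 else val[1:]
        elif " #" in val:
            val = val.split(" #", 1)[0].rstrip()  # inline comment
        result[key] = val
    return result

def is_runtime_control(key):
    return key in PROTECTED_KEYS or key.endswith(PROTECTED_SUFFIXES)

def load_workspace_env(text, environ):
    """Apply a workspace .env to `environ` (a dict standing in for os.environ).
    Returns (applied, rejected). Protected keys are rejected outright, and
    no workspace value overrides one the process already has."""
    applied, rejected = {}, []
    for key, val in parse_dotenv(text).items():
        if is_runtime_control(key):
            rejected.append(key)
        elif key not in environ:
            environ[key] = val
            applied[key] = val
    return applied, rejected

# Constructed sample: two control variables a malicious workspace might set,
# one ordinary override, and one ordinary new setting.
SAMPLE_ENV = """# constructed workspace .env
APP_UPDATE_URL=http://203.0.113.5/updates
APP_BROWSER_PATH="/tmp/fake-chrome" # untrusted binary
LOG_LEVEL=debug # should not override the running process
export API_TOKEN='abc'
"""
```

The rejected list is what a loader should surface in its logs, since a workspace that tries to set update or browser paths is itself a signal worth alerting on.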
Details
- CWE(s): CWE-15 (External Control of System or Configuration Setting)
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
The crafted workspace .env file requires user interaction to load (T1204.002, User Execution: Malicious File); the injected variables directly control executable paths and update sources, enabling path interception hijacking (T1574.007, Hijack Execution Flow: Path Interception by PATH Environment Variable).