CVE-2026-44995
OpenClaw < 2026.4.20 - Arbitrary Code Execution via MCP stdio Environment Variables
CVSS Score
7.3
EPSS Score
0.0%
EPSS Percentile
0th
OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD, or BASH_ENV to spawned MCP server processes, enabling code injection when operators start sessions using those servers.
| CWE | CWE-829 |
| Vendor | openclaw |
| Product | openclaw |
| Published | May 11, 2026 |
| Last Updated | May 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for openclaw openclaw
Be the first to know when new high vulnerabilities affecting openclaw openclaw are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
OpenClaw / OpenClaw
0 < 2026.4.20
References
github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-mj59-h3q9-ghfh github.com: https://github.com/openclaw/openclaw/commit/62fa5071896e95edc7f67d1cebc70a2859e283af github.com: https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d2226d39d132a484f4f7a299fa1b vulncheck.com: https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-mcp-stdio-environment-variables
Credits
๐ Gus (@garagon)