{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-35641/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-35641"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-35641","code-execution","npm"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eOpenClaw versions before 2026.3.24 are susceptible to arbitrary code execution. The vulnerability lies in the local plugin and hook installation process. An attacker can exploit this by crafting a malicious \u003ccode\u003e.npmrc\u003c/code\u003e file that overrides the \u003ccode\u003egit\u003c/code\u003e executable. During the \u003ccode\u003enpm install\u003c/code\u003e execution within the staged package directory, the system inadvertently triggers the attacker\u0026rsquo;s specified programs. This happens because \u003ccode\u003enpm\u003c/code\u003e leverages \u003ccode\u003egit\u003c/code\u003e dependencies, and the overridden \u003ccode\u003egit\u003c/code\u003e path points to a malicious executable. This can allow complete system compromise, depending on the permissions of the user running the \u003ccode\u003enpm install\u003c/code\u003e command. This vulnerability was reported on April 10, 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a target system running a vulnerable version of OpenClaw (prior to 2026.3.24).\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious \u003ccode\u003e.npmrc\u003c/code\u003e file. This file contains a configuration that overrides the \u003ccode\u003egit\u003c/code\u003e executable path to point to a malicious binary under attacker control. For example, \u003ccode\u003egit=path/to/malicious/executable\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker places the crafted \u003ccode\u003e.npmrc\u003c/code\u003e file in a location where the \u003ccode\u003enpm\u003c/code\u003e command will recognize it (e.g., the project directory, user\u0026rsquo;s home directory, or a global configuration directory).\u003c/li\u003e\n\u003cli\u003eThe attacker triggers an \u003ccode\u003enpm install\u003c/code\u003e command execution within a project that processes plugins or hooks.\u003c/li\u003e\n\u003cli\u003eDuring the \u003ccode\u003enpm install\u003c/code\u003e process, \u003ccode\u003enpm\u003c/code\u003e attempts to resolve git dependencies.\u003c/li\u003e\n\u003cli\u003eDue to the \u003ccode\u003e.npmrc\u003c/code\u003e configuration, \u003ccode\u003enpm\u003c/code\u003e executes the attacker-controlled \u0026ldquo;git\u0026rdquo; executable specified in the \u003ccode\u003e.npmrc\u003c/code\u003e file instead of the legitimate git binary.\u003c/li\u003e\n\u003cli\u003eThe attacker-controlled executable executes arbitrary code on the system.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves arbitrary code execution, potentially leading to system compromise, data exfiltration, or other malicious activities.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to execute arbitrary code with the privileges of the user running the \u003ccode\u003enpm install\u003c/code\u003e command. This can lead to complete system compromise, sensitive data leakage, or denial-of-service. While the specific number of victims is unknown, any system running a vulnerable version of OpenClaw is at risk. Sectors most likely to be impacted are those relying on OpenClaw for plugin and hook management.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade OpenClaw to version 2026.3.24 or later to patch the vulnerability (CVE-2026-35641).\u003c/li\u003e\n\u003cli\u003eImplement file integrity monitoring on \u003ccode\u003e.npmrc\u003c/code\u003e files to detect unauthorized modifications (file_event log source).\u003c/li\u003e\n\u003cli\u003eMonitor process executions where \u003ccode\u003enpm\u003c/code\u003e spawns child processes from unusual or unexpected paths, especially those outside standard installation directories (process_creation log source). Use the Sigma rule provided below to detect this behavior.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-10T17:17:04Z","date_published":"2026-04-10T17:17:04Z","id":"/briefs/2026-04-openclaw-code-exec/","summary":"OpenClaw before 2026.3.24 is vulnerable to arbitrary code execution via local plugin and hook installation, where an attacker can craft a .npmrc file with a git executable override to execute malicious code during npm install.","title":"OpenClaw Arbitrary Code Execution via Malicious .npmrc File","url":"https://feed.craftedsignal.io/briefs/2026-04-openclaw-code-exec/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-35641","version":"https://jsonfeed.org/version/1.1"}