Tag
high
advisory
OpenClaw Arbitrary Code Execution via Environment Variable Override (CVE-2026-41336)
2 rules 1 TTP 1 CVEOpenClaw before 2026.3.31 allows attackers to execute arbitrary code by overriding the OPENCLAW_BUNDLED_HOOKS_DIR environment variable using a workspace .env file, enabling the loading of attacker-controlled hook code.
OpenClaw
cve
code-execution
environment-variable-override
2r
1t
1c
high
advisory
OpenClaw Plugin Trust Verification Bypass via Environment Variable Override
2 rules 1 TTP 1 CVEOpenClaw before 2026.3.31 allows attackers with control over workspace configuration to inject malicious plugins by overriding the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable through workspace .env files, compromising plugin trust verification.
OpenClaw
cve-2026-41396
environment-variable-override
plugin-injection
2r
1t
1c