{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/environment_variable_override/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-44114"}],"_cs_exploited":false,"_cs_products":["OpenClaw"],"_cs_severities":["high"],"_cs_tags":["cve","environment_variable_override","code_execution"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eOpenClaw versions prior to 2026.4.20 are susceptible to an environment variable namespace collision vulnerability. This flaw stems from the application\u0026rsquo;s failure to properly reserve the \u003ccode\u003eOPENCLAW_\u003c/code\u003e runtime-control environment namespace within workspace dotenv files. By crafting malicious workspaces, attackers can set variables like \u003ccode\u003eOPENCLAW_GIT_DIR\u003c/code\u003e to manipulate OpenClaw runtime behavior during critical operations, such as source updates and installer workflows. This vulnerability allows for the potential hijacking of trusted OpenClaw runtime processes.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious workspace containing a dotenv file.\u003c/li\u003e\n\u003cli\u003eThe dotenv file includes environment variables prefixed with \u003ccode\u003eOPENCLAW_\u003c/code\u003e, such as \u003ccode\u003eOPENCLAW_GIT_DIR\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe victim user imports or uses the attacker-controlled workspace in OpenClaw.\u003c/li\u003e\n\u003cli\u003eOpenClaw loads the dotenv file, inadvertently overriding its own runtime configuration.\u003c/li\u003e\n\u003cli\u003eDuring a source-update operation, OpenClaw uses the attacker-controlled \u003ccode\u003eOPENCLAW_GIT_DIR\u003c/code\u003e to locate the Git repository.\u003c/li\u003e\n\u003cli\u003eThe attacker redirects OpenClaw to a malicious Git repository under their control.\u003c/li\u003e\n\u003cli\u003eOpenClaw executes commands from the attacker\u0026rsquo;s malicious Git repository, leading to code execution.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation allows attackers to execute arbitrary code within the context of the OpenClaw application. This could lead to the compromise of the user\u0026rsquo;s system, data exfiltration, or further malicious activities. Given the potentially widespread use of OpenClaw in development environments, this vulnerability poses a significant risk to organizations using affected versions.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to OpenClaw version 2026.4.20 or later to remediate the vulnerability (CVE-2026-44114).\u003c/li\u003e\n\u003cli\u003eImplement file integrity monitoring on workspace dotenv files to detect unauthorized modifications.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect OpenClaw Environment Variable Overrides\u003c/code\u003e to identify suspicious processes modifying OpenClaw\u0026rsquo;s runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-06T20:16:35Z","date_published":"2026-05-06T20:16:35Z","id":"/briefs/2026-05-openclaw-env-override/","summary":"OpenClaw before 2026.4.20 is vulnerable to improper environment variable namespace reservation, allowing attackers to override critical runtime variables via workspace dotenv files.","title":"OpenClaw Improper Environment Variable Handling Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-openclaw-env-override/"}],"language":"en","title":"CraftedSignal Threat Feed — Environment_variable_override","version":"https://jsonfeed.org/version/1.1"}