GHSA-rj39-33v7-9xrq
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rj39-33v7-9xrq
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-rj39-33v7-9xrq/GHSA-rj39-33v7-9xrq.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-rj39-33v7-9xrq
- Downstream
- Withdrawn
- 2026-03-24T19:06:06Z
- Published
- 2026-03-21T03:31:14Z
- Modified
- 2026-03-24T19:16:42.246412Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- 7.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
- Summary
- Duplicate Advisory: OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)
- Details
-
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-xgf2-vxv2-rrmg. This link is maintained to preserve external references.
Original Description
OpenClaw versions prior to 2026.2.22 fail to sanitize shell startup environment variables HOME and ZDOTDIR in the system.run function, allowing attackers to bypass command allowlist protections. Remote attackers can inject malicious startup files such as .bash_profile or .zshenv to achieve arbitrary code execution before allowlist-evaluated commands are executed.
- Database specific
{ "github_reviewed_at": "2026-03-24T19:06:06Z", "nvd_published_at": "2026-03-21T01:17:09Z", "cwe_ids": [ "CWE-78" ], "severity": "HIGH", "github_reviewed": true }- References
-
- https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg
- https://nvd.nist.gov/vuln/detail/CVE-2026-32056
- https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906
- https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run
Affected packages
npm / openclaw
Package
- Name
- openclaw
- View open source insights on deps.dev
- Purl
- pkg:npm/openclaw