GHSA-w9cg-v44m-4qv8

Source
https://github.com/advisories/GHSA-w9cg-v44m-4qv8
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-w9cg-v44m-4qv8/GHSA-w9cg-v44m-4qv8.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-w9cg-v44m-4qv8
Published
2026-03-03T22:09:52Z
Modified
2026-03-04T15:17:45.364771Z
Severity
  • 7.3 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
OpenClaw affected by BASH_ENV / ENV startup-file injection into spawned shell commands
Details

Summary

BASH_ENV / ENV startup-file injection could lead to unintended pre-command shell execution when attacker-controlled environment values were admitted and then inherited by host command execution paths.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected: <= 2026.2.19-2
  • Fixed on main: 2cdbadee1f8fcaa93302d7debbfc529e19868ea4
  • Planned patched release version: 2026.2.21

Details

The fix hardens environment handling across all relevant execution paths:

  • Blocks dangerous startup/runtime env keys and prefixes in shared host env sanitization.
  • Sanitizes inherited ambient environment even when no per-request overrides are provided.
  • Blocks dangerous config-driven env injection before values enter process environment.
  • Uses the same sanitizer in macOS host execution paths.
  • Aligns skill env override sanitization with the shared dangerous-env policy.

Impact

Medium. Exploitation requires local/privileged influence over configuration or environment inputs; there is no standalone remote unauthenticated trigger from this issue alone.

Fix Commit(s)

  • 2cdbadee1f8fcaa93302d7debbfc529e19868ea4

Release Process Note

patched_versions is pre-set to the planned next release (2026.2.21). Once npm openclaw@2026.2.21 is published, the advisory can be published without further field edits.

OpenClaw thanks @tdjackey for reporting.

Database specific
{
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-03T22:09:52Z",
    "cwe_ids": [
        "CWE-15",
        "CWE-78"
    ],
    "severity": "HIGH",
    "nvd_published_at": null
}

Affected packages

npm / openclaw

  • Package: openclaw (npm)
  • Affected range type: SEMVER
  • Introduced: 0 (unknown introduced version; all previous versions are affected)
  • Fixed: 2026.2.21

Database specific

  • source: "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-w9cg-v44m-4qv8/GHSA-w9cg-v44m-4qv8.json"