CVE-2026-44995

7.3 HIGH
Published: May 11, 2026 Modified: May 13, 2026
View on NVD

Description

OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD, or BASH_ENV to spawned MCP server processes, enabling code injection when operators start sessions using those servers.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/openclaw/openclaw/commit/62fa5071896e95edc7f67d1cebc70a2859e283af
Source: disclosure@vulncheck.com
Patch
https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d2226d39d132a484f4f7a299fa1b
Source: disclosure@vulncheck.com
Broken Link
https://github.com/openclaw/openclaw/security/advisories/GHSA-mj59-h3q9-ghfh
Source: disclosure@vulncheck.com
Third Party Advisory
https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-mcp-stdio-environment-variables
Source: disclosure@vulncheck.com
Third Party Advisory Patch

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.3 / 10.0
EPSS (Exploit Probability)
0.1%
3th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-829

Affected Vendors

openclaw

Related CVEs

CVE-2026-48777 N/A
CVE-2026-47750 7.8
CVE-2026-47747 7.8
CVE-2026-46448 5.4
CVE-2026-22313 9.1