CVE-2026-53846: Arbitrary Command Execution via Workspace .env Hijacking in OpenClaw
Vulnerability ID: CVE-2026-53846
CVSS Score: 7.1
Published: 2026-06-18
OpenClaw versions prior to 2026.4.29 contain an untrusted search path vulnerability (CWE-426) in the install helper module. When an operator loads an untrusted workspace that carries a crafted .env file, the values in that file are applied to the environment the install helper reads, so the workspace can override process-control variables, specifically npm_execpath, which the helper uses to locate the npm entry point. The helper then runs whatever file the workspace pointed it at, giving arbitrary command execution in the context of the running OpenClaw process. This vulnerability is tracked as CVE-2026-53846 and GHSA-24vr-rprv-67rf.
TL;DR
OpenClaw before 2026.4.29 allows arbitrary command execution when an operator loads a workspace containing a poisoned .env file that overrides the npm_execpath variable.
⚠️ Exploit Status: PoC
Technical Details
- CWE ID: CWE-426 (Untrusted Search Path)
- Attack Vector: Local (AV:L)
- CVSS Score: 7.1 (CVSS:3.1)
- Exploit Status: Proof-of-Concept (PoC)
- KEV Status: Not Listed
- Impact: Arbitrary command execution in the context of the OpenClaw process; the vector is local (AV:L), so an operator must first load the attacker's workspace.
Affected Systems
- OpenClaw workspace initialization modules
- OpenClaw runtime installer engine
- openclaw: < 2026.4.29 (Fixed in: 2026.4.29)
Mitigation Strategies
- Upgrade to OpenClaw stable version 2026.4.29 or later, which filters the environment variables a workspace .env is allowed to set.
- Block external network access from local build agents and OpenClaw hosting processes.
- Disable automatic dependency installation features in unvetted multi-tenant workspaces.
Remediation Steps:
- Audit active OpenClaw deployments and identify instances below version 2026.4.29.
- Upgrade the 'openclaw' package to 2026.4.29 (or later) with your package manager.
- After upgrading, confirm that a workspace .env can no longer override 'npm_execpath'; until then, treat any workspace .env that sets it as hostile.
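The following is an added illustration, not OpenClaw's own code, of the mechanism described above (a workspace .env that sets npm_execpath hijacks an install helper that trusts its environment) and of the remediation check (an audit of a workspace .env for keys a hardened loader must refuse). The paths, the sample .env, the deny-list beyond npm_execpath, and the helper's API are assumptions for this example.

```javascript
// Added illustration, not OpenClaw's own code: a workspace .env that sets
// npm_execpath hijacks an install helper that trusts the environment, and an
// environment filter stops it. Paths, the sample .env, the deny-list beyond
// npm_execpath, and the helper's API are assumptions for this example.

// Minimal KEY=VALUE parser for .env text (constructed for this example; real
// loaders also handle escapes and multi-line values).
function parseDotEnv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = (value.startsWith('"') && value.endsWith('"')) ||
                   (value.startsWith("'") && value.endsWith("'"));
    if (quoted && value.length >= 2) value = value.slice(1, -1);
    out[key] = value;
  }
  return out;
}

// Variables that decide which program runs or how the runtime starts. A
// workspace-supplied .env must never be allowed to set these (assumed list).
const PROCESS_CONTROL_VARS = new Set([
  "npm_execpath", "npm_node_execpath", "NODE_OPTIONS", "NODE_PATH", "PATH",
  "LD_PRELOAD", "DYLD_INSERT_LIBRARIES",
]);

// Vulnerable pattern (CWE-426): the workspace .env is merged straight over the
// process environment, so the workspace decides what the helper runs as "npm".
function vulnerableEnv(baseEnv, dotenvText) {
  return { ...baseEnv, ...parseDotEnv(dotenvText) };
}

// Hardened pattern: drop (and report) process-control keys before merging.
// Everything in the npm_* namespace is rejected too, since npm_config_* keys
// can redirect registries and scripts; this is a conservative design choice.
function hardenedEnv(baseEnv, dotenvText) {
  const accepted = {};
  const rejected = [];
  for (const [key, value] of Object.entries(parseDotEnv(dotenvText))) {
    if (PROCESS_CONTROL_VARS.has(key) || key.toLowerCase().startsWith("npm_")) {
      rejected.push(key);
      continue;
    }
    accepted[key] = value;
  }
  return { env: { ...baseEnv, ...accepted }, rejected };
}

// What an install helper of the kind described in the advisory does with the
// environment: honour npm_execpath (the variable npm itself exposes to child
// processes to point at its CLI entry) and fall back to npm on PATH. It
// returns the command it would spawn instead of spawning it, so it is safe to run.
function resolveInstallCommand(env, workspaceDir) {
  if (env.npm_execpath) {
    return { cmd: "node", args: [env.npm_execpath, "install", "--prefix", workspaceDir] };
  }
  return { cmd: "npm", args: ["install", "--prefix", workspaceDir] };
}

// Remediation check: list the keys in a workspace .env that the hardened
// loader would refuse, so poisoned workspaces can be found before upgrading.
function auditDotEnv(dotenvText) {
  return hardenedEnv({}, dotenvText).rejected;
}

// Constructed sample: a .env an attacker would ship inside a workspace.
const POISONED_DOTENV = [
  "# looks like ordinary app config",
  "API_BASE_URL=https://api.example.invalid",
  'npm_execpath="/srv/ws/.tools/npm-cli.js"', // attacker-controlled file
].join("\n");

// Constructed trusted environment of the OpenClaw process before .env loading.
const TRUSTED_BASE_ENV = {
  PATH: "/usr/local/bin:/usr/bin",
  npm_execpath: "/usr/local/lib/node_modules/npm/bin/npm-cli.js",
};

function demo(workspaceDir = "/srv/ws") {
  const hijacked = resolveInstallCommand(vulnerableEnv(TRUSTED_BASE_ENV, POISONED_DOTENV), workspaceDir);
  const filtered = hardenedEnv(TRUSTED_BASE_ENV, POISONED_DOTENV);
  return {
    vulnerable: hijacked,                                        // runs the attacker's npm-cli.js
    hardened: resolveInstallCommand(filtered.env, workspaceDir), // runs the trusted npm
    rejected: filtered.rejected,                                 // ["npm_execpath"]
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Run it with node; the vulnerable merge resolves "npm" to the attacker's npm-cli.js under the workspace, while the hardened merge keeps the trusted path and reports npm_execpath as a rejected key. auditDotEnv is the piece to point at every workspace .env on a host that has not yet been upgraded.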
References
- CVE-2026-53846
- GHSA-24vr-rprv-67rf