{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22177", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-01-06T16:47:17.181Z", "datePublished": "2026-03-18T01:34:21.592Z", "dateUpdated": "2026-04-08T16:05:27.893Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-08T16:05:27.893Z"}, "title": "OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars", "datePublic": "2026-02-21T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-15", "description": "CWE-15: External Control of System or Configuration Setting", "type": "CWE"}]}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "versions": [{"status": "affected", "version": "0", "lessThan": "2026.2.21", "versionType": "semver"}, {"status": "unaffected", "version": "2026.2.21", "versionType": "semver"}], "defaultStatus": "unaffected", "packageURL": "pkg:npm/openclaw"}], "cpeApplicability": [{"nodes": [{"operator": "OR", "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.2.21"}]}]}], "descriptions": [{"lang": "en", "value": "OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.</p>"}]}], "tags": ["x_open-source"], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8fmp-37rc-p5g7", "name": "GitHub Security Advisory (GHSA-8fmp-37rc-p5g7)", "tags": ["vendor-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w9j9-w4cp-6wgr", "name": "Patch Commit", "tags": ["vendor-advisory"]}, {"url": "https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4", "name": "VulnCheck Advisory: OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"}}], "credits": [{"lang": "en", "value": "tdjackey", "type": "finder"}, {"lang": "en", "value": "Zhijie Zhang", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T19:48:30.916488Z", "id": "CVE-2026-22177", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T19:48:38.451Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22177", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-18T19:48:30.916488Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T19:48:35.532Z"}}], "cna": {"tags": ["x_open-source"], "title": "OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "tdjackey"}, {"lang": "en", "type": "finder", "value": "Zhijie Zhang"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "versions": [{"status": "affected", "version": "0", "lessThan": "2026.2.21", "versionType": "semver"}, {"status": "unaffected", "version": "2026.2.21", "versionType": "semver"}], "packageURL": "pkg:npm/openclaw", "defaultStatus": "unaffected"}], "datePublic": "2026-02-21T00:00:00.000Z", "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8fmp-37rc-p5g7", "name": "GitHub Security Advisory (GHSA-8fmp-37rc-p5g7)", "tags": ["vendor-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w9j9-w4cp-6wgr", "name": "Patch Commit", "tags": ["vendor-advisory"]}, {"url": "https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4", "name": "VulnCheck Advisory: OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.", "supportingMedia": [{"type": "text/html", "value": "<p>OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-15", "description": "CWE-15: External Control of System or Configuration Setting"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "vulnerable": true, "versionEndExcluding": "2026.2.21"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-08T16:05:27.893Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22177", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:05:27.893Z", "dateReserved": "2026-01-06T16:47:17.181Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-18T01:34:21.592Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "09CAA52D-0C33-41B4-854A-338CBFC45513", "versionEndExcluding": "2026.2.21", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context."}, {"lang": "es", "value": "Las versiones de OpenClaw anteriores a 2026.2.21 no filtran las variables de entorno peligrosas de control de procesos de las variables de entorno de configuraci\u00f3n, lo que permite la ejecuci\u00f3n de c\u00f3digo en tiempo de inicio. Los atacantes pueden inyectar variables como NODE_OPTIONS o LD_* a trav\u00e9s de la configuraci\u00f3n para ejecutar c\u00f3digo arbitrario en el contexto de tiempo de ejecuci\u00f3n del servicio de pasarela OpenClaw."}], "id": "CVE-2026-22177", "lastModified": "2026-04-08T17:21:14.597", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-18T02:16:21.957", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4"}, {"source": "disclosure@vulncheck.com", "tags": ["Vendor Advisory"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8fmp-37rc-p5g7"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w9j9-w4cp-6wgr"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-15"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.2.21)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2026.2.21"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenClaw", "source": "cna", "vendor": "OpenClaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-03-18T04:50:44.422512+00:00", "value": {"mitigation_remediation": ["Apply the official patch by updating OpenClaw to version 2026.2.21 or newer (see GitHub commit https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4).", "Restrict write permissions on the config env.vars file so that only trusted administrators can modify it.", "If upgrading immediately is not feasible, remove or sanitize dangerous variables such as NODE_OPTIONS and LD_* from the env.vars file."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary Code Execution via Environment Variable Injection"}, "threat_synthesis": {"affected_systems": "The affected product is OpenClaw:OpenClaw, all releases with a version number less than 2026.2.21. The vulnerability is triggered when an attacker can write to the env.vars configuration file, which is typically part of the OpenClaw gateway service running on Node.js.", "description_and_impact": "OpenClaw versions prior to 2026.2.21 allow dangerous process\u2011control environment variables to go through the configuration file env.vars without filtering. Attackers can inject variables such as NODE_OPTIONS or LD_* prefixes, which are processed by the Node.js runtime, thereby enabling arbitrary code execution at gateway service startup. The weakness is classified as CWE\u201115 (Improper Control of Resource or Link).", "risk_and_exploitability": "The CVSS base score of 6.9 indicates a medium severity vulnerability. EPSS data is not available and the issue is not listed in CISA\u2019s KEV catalog. Because exploitation requires write access to the env.vars file, the attack vector is inferred to be local or low\u2011privilege setting, but successful exploitation would allow an attacker to execute arbitrary code within the gateway service\u2019s process context, giving full control over the service."}}}}, "created": "2026-03-18T10:42:12.552629+00:00", "updated": "2026-03-24T10:53:41.574941+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}