{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4039", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-12T06:46:12.632Z", "datePublished": "2026-03-12T12:02:10.143Z", "dateUpdated": "2026-03-12T13:10:51.077Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-12T12:02:10.143Z"}, "title": "OpenClaw Skill Env applySkillConfigenvOverrides code injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "n/a", "product": "OpenClaw", "versions": [{"version": "2026.2.19-2", "status": "affected"}, {"version": "2026.2.21-beta.1", "status": "unaffected"}], "cpes": ["cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"], "modules": ["Skill Env Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "timeline": [{"time": "2026-03-12T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-12T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-12T07:51:23.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "nedlir (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.350651", "name": "VDB-350651 | OpenClaw Skill Env applySkillConfigenvOverrides code injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.350651", "name": "VDB-350651 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.769580", "name": "Submit #769580 | openclaw OpenClaw 2026.2.19-2 Code Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7", "tags": ["related"]}, {"url": "https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/", "tags": ["product"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T13:10:16.297254Z", "id": "CVE-2026-4039", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:10:51.077Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4039", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-12T13:10:16.297254Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:10:46.831Z"}}], "cna": {"tags": ["x_open-source"], "title": "OpenClaw Skill Env applySkillConfigenvOverrides code injection", "credits": [{"lang": "en", "type": "reporter", "value": "nedlir (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C"}}], "affected": [{"cpes": ["cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"], "vendor": "n/a", "modules": ["Skill Env Handler"], "product": "OpenClaw", "versions": [{"status": "affected", "version": "2026.2.19-2"}, {"status": "unaffected", "version": "2026.2.21-beta.1"}]}], "timeline": [{"lang": "en", "time": "2026-03-12T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-12T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-12T07:51:23.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.350651", "name": "VDB-350651 | OpenClaw Skill Env applySkillConfigenvOverrides code injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.350651", "name": "VDB-350651 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.769580", "name": "Submit #769580 | openclaw OpenClaw 2026.2.19-2 Code Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7", "tags": ["related"]}, {"url": "https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-12T12:02:10.143Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4039", "state": "PUBLISHED", "dateUpdated": "2026-03-12T13:10:51.077Z", "dateReserved": "2026-03-12T06:46:12.632Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-12T12:02:10.143Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "09CAA52D-0C33-41B4-854A-338CBFC45513", "versionEndExcluding": "2026.2.21", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component."}, {"lang": "es", "value": "Se determin\u00f3 una vulnerabilidad en OpenClaw 2026.2.19-2. Esta vulnerabilidad afecta la funci\u00f3n applySkillConfigenvOverrides del componente Gestor de Entorno de Habilidades. Ejecutar una manipulaci\u00f3n puede conducir a la inyecci\u00f3n de c\u00f3digo. Es posible lanzar el ataque remotamente. Actualizar a la versi\u00f3n 2026.2.21-beta.1 puede resolver este problema. Este parche se llama 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. Se recomienda actualizar el componente afectado."}], "id": "CVE-2026-4039", "lastModified": "2026-03-16T18:02:55.483", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-12T12:15:59.740", "references": [{"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://github.com/openclaw/openclaw/"}, {"source": "cna@vuldb.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/8c9f35cdb51692b650ddf05b259ccdd75cc9a83c"}, {"source": "cna@vuldb.com", "tags": ["Release Notes"], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.21-beta.1"}, {"source": "cna@vuldb.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-82g8-464f-2mv7"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.350651"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.350651"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.769580"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2026.2.19-2"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2026.2.21-beta.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenClaw", "source": "cna", "vendor": "n/a"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-03-17T17:22:24.802607+00:00", "value": {"mitigation_remediation": ["Upgrade OpenClaw to the fixed release v2026.2.21\u2011beta.1 as recommended by the vendor."], "summary": {"action": "Upgrade", "impact": "Code Injection"}, "threat_synthesis": {"affected_systems": "The affected product is OpenClaw, with deployments of version 2026.2.19\u20112 identified as vulnerable. The public advisory recommends upgrading to version 2026.2.21\u2011beta.1, which incorporates the security fix (commit 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c). Affected CPE strings include openclaw:openclaw and openclaw:openclaw:node.js. No other vendors or product versions are listed in the CVE data.", "description_and_impact": "OpenClaw version 2026.2.19\u20112 contains a vulnerability in the function applySkillConfigenvOverrides of the Skill Env Handler component. According to the advisory, manipulating data processed by this function can lead to code injection, allowing an attacker to execute arbitrary code within the context of the OpenClaw process. The weakness is classified as CWE\u201174 and CWE\u201194, indicating that user input is not properly sanitized before being used in code execution paths. The vulnerability description explicitly states that the attack can be launched remotely, but no further details about the required conditions are provided.", "risk_and_exploitability": "The CVSS base score is 5.3, indicating a moderate severity risk. The EPSS score is reported as less than 1%, implying that the likelihood of exploitation is low at present. The vulnerability is not present in the CISA Known Exploited Vulnerabilities catalog, meaning there are no documented active exploitations. An attacker would need to reach the target system over the network to trigger the remote code injection described in the advisory. These facts suggest that while the risk is moderate, practical exploitation remains uncommon based on available evidence."}}}}, "created": "2026-03-13T09:53:15.659937+00:00", "updated": "2026-03-20T15:49:52.688781+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}