CVE-2026-22177
Published 2026-03-18
Priority P2 61 · CVSS 3.1 8.8 (high)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.37% (28.9th percentile)
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openclaw | openclaw | < 2026.2.21 | 2026.2.21 |
| openclaw | openclaw | >= 0 < 2026.2.21 | 2026.2.21 |
Detection & IOCs (extracted from sources)
- Monitor for injection of process-control environment variables such as NODE_OPTIONS or LD_* (e.g., LD_PRELOAD, LD_LIBRARY_PATH) into the OpenClaw gateway service configuration at startup time, which may indicate exploitation of this vulnerability.
- Alert on the presence of NODE_OPTIONS or LD_* environment variables set in the OpenClaw (openclaw npm package) configuration env.vars section, particularly in versions prior to 2026.2.21.
- Only OpenClaw (formerly Moltbot or Clawdbot) versions prior to 2026.2.21 are affected. The fix was made available in the openclaw npm package on Mar 19, 2026, Homebrew on Mar 20, 2026, and MinimOS on Mar 18, 2026.
CVSS provenance
- NVD, CVSS v3.1: 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- NVD, CVSS v4.0: 6.9 MEDIUM, CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
OSV (osv · 2026-03-03)
CVE-2026-22177 [MEDIUM] OpenClaw's config env vars allowed startup env injection into service runtime
### Summary
OpenClaw allowed dangerous process-control environment variables from `env.vars` (for example `NODE_OPTIONS`, `LD_*`, `DYLD_*`) to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context.
### Details
`collectConfigEnvVars()` accepted unfiltered keys from config and those values were merged into the daemon install environment in `buildGatewayInstallPlan()`. Before the fix, startup-control variables were not blocked in this path.
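A screening check of the kind the fix describes, as an added example and not OpenClaw's own code: the `env.vars` config shape and the function names are assumptions, the denylist is the advisory's `NODE_OPTIONS`, `LD_*` and `DYLD_*`, and the list of refused keys it returns is what the detection guidance above says to alert on.

```javascript
// Added example, not OpenClaw's code: screens a config's env.vars for
// process-control variables before they reach a service environment. The
// denylist comes from the advisory (NODE_OPTIONS, LD_*, DYLD_*); the
// config shape { env: { vars: {...} } } is an assumption.

// Names that change how the Node runtime or the dynamic loader starts,
// so they run code before the application itself does.
const BLOCKED_EXACT = new Set(['NODE_OPTIONS']);
const BLOCKED_PREFIXES = ['LD_', 'DYLD_'];

// Case-insensitive on purpose: a key differing only by case has no
// legitimate reason to be in a config, so the broader match is safe.
function isProcessControlVar(name) {
  const upper = String(name).toUpperCase();
  return BLOCKED_EXACT.has(upper) || BLOCKED_PREFIXES.some((p) => upper.startsWith(p));
}

// Split env.vars into entries that may pass through and keys that must be
// refused; the caller drops the latter and raises an alert naming them.
function screenConfigEnvVars(config) {
  const vars = (config && config.env && config.env.vars) || {};
  const allowed = {};
  const blocked = [];
  for (const [name, value] of Object.entries(vars)) {
    // Non-string values and process-control names are both refused.
    if (typeof value !== 'string' || isProcessControlVar(name)) {
      blocked.push(name);
    } else {
      allowed[name] = value;
    }
  }
  return { allowed, blocked };
}

// Constructed sample config, not from any real deployment; values are
// placeholders since only the key names matter to the check.
const sampleConfig = {
  env: {
    vars: {
      OPENCLAW_LOG_LEVEL: 'info',
      NODE_OPTIONS: 'placeholder',
      LD_PRELOAD: 'placeholder',
      dyld_insert_libraries: 'placeholder',
      EXTRA_PATH: '/opt/tools/bin',
    },
  },
};

// Stand-alone run: prints the refused keys and the surviving entries.
console.log(screenConfigEnvVars(sampleConfig));
```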
### Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published affected version: `2026.2.19-2` (published February 19, 2026)
- Affected range (structured): `< 2026.2.21`
### Fix Commit(s)
- `2cdbadee1f8fcaa93302d7debbfc529e19868ea4`
GHSA (ghsa · 2026-03-03)
CVE-2026-22177 [MEDIUM] CWE-15 OpenClaw's config env vars allowed startup env injection into service runtime
Advisory text identical to the OSV entry above.
No detection rules found.
No public exploits indexed.
References
- https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4
- https://github.com/openclaw/openclaw/security/advisories/GHSA-8fmp-37rc-p5g7
- https://github.com/openclaw/openclaw/security/advisories/GHSA-w9j9-w4cp-6wgr
- https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars