CVE-2026-22177
Received Received - Intake
Startup-Time Code Execution via Env Variable Injection in OpenClaw

Publication date: 2026-03-18

Last updated on: 2026-04-08

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-18
Last Modified
2026-04-08
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22177
EUVD
EUVD-2026-12720
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-15 One or more system settings or configuration elements can be externally controlled by a user.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-22177 is a security vulnerability in OpenClaw versions prior to 2026.2.21 where dangerous process-control environment variables are not properly filtered from configuration environment variables.

This flaw allows attackers to inject environment variables such as NODE_OPTIONS or LD_* through configuration inputs, which are then merged into the OpenClaw gateway service runtime environment.

Because these variables influence shell startup behavior and dynamic library loading, attackers can exploit this to execute arbitrary code during the startup of the OpenClaw service.

The vulnerability is classified under CWE-15 (External Control of System or Configuration Setting) and was fixed by implementing centralized sanitization and blocking of dangerous environment variables across multiple components of OpenClaw.

Impact Analysis

This vulnerability can allow an attacker with limited privileges to inject malicious environment variables into the OpenClaw gateway service.

As a result, the attacker can execute arbitrary code at startup time within the context of the OpenClaw process.

This can lead to unauthorized code execution, potentially compromising the system running OpenClaw, affecting the integrity and availability of the service.

The CVSS v4 base score of 6.9 indicates a moderate severity impact, with high impact on integrity and limited impact on availability.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves dangerous environment variables like NODE_OPTIONS or LD_* being injected through configuration environment variables into the OpenClaw gateway service runtime. Detection involves checking for the presence of these dangerous environment variables in the environment where OpenClaw runs.'}, {'type': 'paragraph', 'content': 'You can inspect the environment variables of the OpenClaw process or its configuration files to detect if any blocked or dangerous environment variables are set. Key environment variables to look for include: BASH_ENV, ENV, NODE_OPTIONS, NODE_PATH, PYTHONHOME, PYTHONPATH, PERL5LIB, PERL5OPT, RUBYLIB, RUBYOPT, GCONV_PATH, IFS, SSLKEYLOGFILE, and any variables starting with BASH_FUNC_, DYLD_, or LD_.'}, {'type': 'paragraph', 'content': 'Suggested commands to detect these variables include:'}, {'type': 'list_item', 'content': 'On a running system, check environment variables of the OpenClaw process (replace <pid> with the actual process ID):'}, {'type': 'list_item', 'content': " - `cat /proc/<pid>/environ | tr '\\0' '\\n' | grep -E '^(BASH_ENV|ENV|NODE_OPTIONS|NODE_PATH|PYTHONHOME|PYTHONPATH|PERL5LIB|PERL5OPT|RUBYLIB|RUBYOPT|GCONV_PATH|IFS|SSLKEYLOGFILE|BASH_FUNC_|DYLD_|LD_)'`"}, {'type': 'list_item', 'content': 'Check configuration files or environment variable settings used to start OpenClaw for any of these variables.'}, {'type': 'list_item', 'content': 'Use shell commands to list environment variables and filter for dangerous ones before starting OpenClaw:'}, {'type': 'list_item', 'content': " - `env | grep -E '^(BASH_ENV|ENV|NODE_OPTIONS|NODE_PATH|PYTHONHOME|PYTHONPATH|PERL5LIB|PERL5OPT|RUBYLIB|RUBYOPT|GCONV_PATH|IFS|SSLKEYLOGFILE|BASH_FUNC_|DYLD_|LD_)'`"}] [1, 2, 3]

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade OpenClaw to version 2026.2.21 or later, where the vulnerability has been fixed by blocking dangerous environment variables from configuration and runtime environments.

If upgrading is not immediately possible, manually sanitize and block dangerous environment variables such as NODE_OPTIONS, LD_*, DYLD_*, BASH_ENV, ENV, and others listed in the fix to prevent them from being injected into the OpenClaw runtime environment.

Ensure that configuration environment variables do not include any of the blocked keys or prefixes that could influence shell startup or dynamic library loading.

Review and restrict any skill environment overrides or other configuration inputs that might allow injection of unsafe environment variables.

Implement environment variable sanitization similar to the HostEnvSanitizer module introduced in the patch, which excludes blocked keys and prefixes and disallows overriding PATH in request-scoped environments.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22177. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart