Executive Summary

CVE-2026-32056 is a vulnerability in OpenClaw versions prior to 2026.2.22 where the system.run function fails to properly sanitize the shell startup environment variables HOME and ZDOTDIR.

Because these variables are not sanitized, attackers can manipulate them to point to malicious shell startup files such as .bash_profile or .zshenv. These files are executed before the allowlist-evaluated commands run, allowing attackers to bypass command allowlist protections and execute arbitrary code remotely.

The vulnerability arises because the shell-wrapper’s allowlist mode only models command bodies and does not account for side effects caused by shell startup scripts triggered by these environment variables.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to remote code execution (RCE) on systems running vulnerable versions of OpenClaw.

An attacker can inject malicious shell startup files that execute arbitrary commands before the intended allowlist-evaluated commands, effectively bypassing security controls.

This can compromise the confidentiality, integrity, and availability of the affected system, potentially allowing attackers to take control, steal data, or disrupt services.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves injection through the HOME and ZDOTDIR environment variables that affect shell startup files such as .bash_profile or .zshenv. Detection involves checking if these environment variables are being overridden or if malicious startup files exist that could be executed.'}, {'type': 'list_item', 'content': 'Check for unexpected or suspicious .bash_profile or .zshenv files in user home directories that could be malicious.'}, {'type': 'list_item', 'content': 'Inspect environment variables HOME and ZDOTDIR in processes running system.run or related OpenClaw commands to see if they have been overridden.'}, {'type': 'list_item', 'content': "Use commands like `ps aux | grep openclaw` to identify running OpenClaw processes and then check their environment variables with `cat /proc/<pid>/environ | tr '\\0' '\\n' | grep -E 'HOME|ZDOTDIR'`."}, {'type': 'list_item', 'content': "Audit shell startup files for suspicious content, for example: `grep -r --include=.bash_profile --include=.zshenv 'malicious_command' /home/`."}] [2, 3]

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation is to upgrade OpenClaw to version 2026.2.22 or later, where the vulnerability is fixed by properly sanitizing the HOME and ZDOTDIR environment variables to prevent override by untrusted inputs.

• Apply the patch that blocks overrides of HOME and ZDOTDIR environment variables as introduced in the fix commit c2c7114ed39a547ab6276e1e933029b9530ee906.
• Review and restrict permissions on shell startup files (.bash_profile, .zshenv) to prevent unauthorized modification.
• Implement monitoring to detect any attempts to override these environment variables or modify startup files.
• Consider restricting or auditing the use of system.run function or similar commands that execute shell commands with environment variables.

Useful 0 Not Useful 0