Executive Summary

This vulnerability exists in OpenClaw versions before 2026.3.22 and involves improper handling of environment variable overrides. Attackers can exploit inconsistent sanitization processes to bypass the shared host environment policy by supplying blocked or malformed override keys. This allows them to execute arbitrary code with unintended environment variables.

Useful 0 Not Useful 0

Impact Analysis

The vulnerability can lead to attackers executing arbitrary code on the affected system with unintended environment variables. This can compromise the confidentiality, integrity, and availability of the system, potentially allowing unauthorized access, data manipulation, or disruption of services.

Useful 0 Not Useful 0

Compliance Impact

CVE-2026-35650 allows attackers to bypass shared host environment policies and execute arbitrary code by exploiting inconsistent sanitization of environment variable overrides. This can lead to unauthorized system configuration changes and potential data breaches.

Such unauthorized code execution and environment manipulation could compromise the confidentiality, integrity, and availability of sensitive data, which are core requirements in standards like GDPR and HIPAA.

Therefore, if exploited, this vulnerability may cause non-compliance with these regulations by failing to adequately protect sensitive data and system configurations from unauthorized access or modification.

Useful 0 Not Useful 0

Detection Guidance

Detection of CVE-2026-35650 involves monitoring for attempts to override blocked or malformed environment variable keys in OpenClaw gateway and node execution environments. The vulnerability manifests when environment variable overrides bypass sanitization and validation.

Specifically, the node runtime inspects environment overrides using a sanitizer that rejects invalid or blocked keys before command execution. If such keys are detected, the system denies execution with an error response indicating SYSTEM_RUN_DENIED and listing the problematic keys.

To detect exploitation attempts, you can monitor logs or error responses for SYSTEM_RUN_DENIED events related to environment variable overrides.

While no explicit commands are provided in the resources, you can check for suspicious environment variable override attempts by inspecting OpenClaw gateway and node logs for errors related to environment override rejections.

• Review OpenClaw logs for SYSTEM_RUN_DENIED errors indicating blocked or malformed environment variable keys.
• Audit environment variable override requests to identify keys that do not conform to the naming rules or are on the blocked list (e.g., PATH, CLASSPATH, CGO_CFLAGS).
• Use monitoring tools to detect unexpected environment variable changes or command executions with unusual environment contexts.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.22 or later, where the vulnerability has been fixed by centralizing and enforcing strict environment variable sanitization.

The fix includes a fail-closed security model that rejects any blocked or malformed environment variable overrides before command execution, preventing arbitrary code execution with unintended environment variables.

• Upgrade OpenClaw to version 2026.3.22 or newer.
• Ensure that environment variable overrides are routed through the updated sanitizer that enforces strict validation and blocks sensitive keys such as PATH, CLASSPATH, and others.
• Audit and restrict environment variable override inputs to prevent injection of malformed or blocked keys.
• Monitor system logs for any SYSTEM_RUN_DENIED errors indicating attempts to override blocked environment variables.

Useful 0 Not Useful 0