CVE-2026-41294
Status: Received - Intake
Environment Variable Injection in OpenClaw via Untrusted .env File

Publication date: 2026-04-21

Last updated on: 2026-04-27

Assigner: VulnCheck

Description
OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment settings during OpenClaw startup.
Meta Information
Generated: 2026-06-16
AI Q&A: 2026-04-21
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version / Range: before 2026.3.28 (2026.3.28 itself is not affected)
CWE
CWE-15 (External Control of System or Configuration Setting): One or more system settings or configuration elements can be externally controlled by a user.
Executive Summary

CVE-2026-41294 is a vulnerability in OpenClaw (the openclaw npm package) before version 2026.3.28: at startup the application loads a .env file from the current working directory (CWD) before it loads the trusted configuration from its state directory. No CVSS score is listed on this page.

Load order is the whole problem. A dotenv-style loader normally does not override variables that are already set, so whichever source is read first wins; reading the untrusted CWD file first means its values take precedence over the trusted state-dir configuration. An attacker who can commit a .env file to a repository, or drop one into a workspace that OpenClaw is later started from, can therefore inject environment variables and override runtime configuration and security-sensitive settings without ever touching the victim's own configuration files.

The weakness is an untrusted search path (CWE-426) combined with external control of configuration settings (CWE-15). It was fixed in version 2026.3.28 by filtering out untrusted .env entries from the CWD before startup.

Impact Analysis

An attacker who controls a .env file in a directory OpenClaw is started from can take over its runtime configuration by injecting environment variables. The advisory does not enumerate which variables OpenClaw reads, so treat every setting the process takes from its environment (endpoints, credentials, proxy or debug settings) as in scope. The attacker needs no interaction with the victim beyond getting the file into a directory the victim runs OpenClaw in; a cloned repository is enough.

  • Unauthorized control over system or configuration settings (CWE-15), overriding the values the user configured in the trusted state directory.
  • Impact on confidentiality, integrity, and availability: an application running on attacker-chosen configuration can leak data it handles, act on tampered settings, or fail to start.
  • Potential exposure of sensitive data and disruption of service availability.
Detection Guidance

The delivery vehicle is a .env file in the current working directory (CWD) that OpenClaw is started from, so that is where to look. One caveat: .env files are common in repositories and workspaces, so presence alone is not evidence of exploitation. What matters is whether the file sets variables that OpenClaw reads from its environment, whether those values differ from what you expect, and who introduced the file.

Inspect the directory you launch OpenClaw from:

  • ls -la .env
  • cat .env
  • git log --follow -- .env   (in a git checkout: shows who added or changed the file)

Then confirm the installed version, since anything before 2026.3.28 is affected:

  • openclaw --version

Monitoring for unexpected environment variable values at startup, or for OpenClaw running with configuration that does not match its trusted state-dir settings, may also help detect exploitation attempts.

Mitigation Strategies

Upgrade OpenClaw to version 2026.3.28 or later; the fix filters untrusted .env entries from the current working directory out before startup.

Until the upgrade is in place, start OpenClaw from a directory you control rather than from an untrusted checkout or shared workspace. Only the CWD .env is loaded, so choosing the CWD removes the injection point. (This workaround is inferred from the description of the flaw, not taken from a vendor statement.)

Review any .env file in a repository or workspace before running OpenClaw there; a .env committed by someone else deserves the same scrutiny as a setup script.

Restrict write permissions on the directories OpenClaw is started from so that other users or processes cannot drop a .env file into them. This does not help against a file that arrives inside a cloned repository, which is the case the advisory describes, so it complements the review step rather than replacing it.

Keep a record of the environment variables and runtime configuration OpenClaw is expected to run with and monitor for unauthorized changes.

Compliance Impact

Because the injected environment variables can override security-sensitive settings during OpenClaw startup, a successful attack can lead to unauthorized access to, or modification of, data that OpenClaw handles, affecting confidentiality, integrity, and availability.

Such an outcome could affect compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and of system integrity. Unauthorized access to or modification of regulated data through this vulnerability may result in violations of those regulations.
