CVE-2026-41330
Environment Variable Override in OpenClaw Enables Security Bypass

Publication date: 2026-04-21

Last updated on: 2026-04-27

Assigner: VulnCheck

Description
OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings, TLS verification, Docker restrictions, and Git TLS enforcement.
Meta Information
Generated: 2026-05-06
AI Q&A: 2026-04-21
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: openclaw
Product: openclaw
Version / Range: all versions before 2026.3.31 (2026.3.31 itself excluded)
CWE
CWE-453 (Insecure Default Variable Initialization): The product, by default, initializes an internal variable with an insecure or less secure value than is possible.
AI Powered Q&A
How can this vulnerability impact me?

This vulnerability can allow attackers with local access and low privileges to bypass important security controls in OpenClaw.

  • Attackers can reroute network traffic through malicious proxies by overriding proxy environment variables.
  • They can disable TLS certificate verification, increasing the risk of man-in-the-middle attacks.
  • Docker commands can be redirected to attacker-controlled endpoints, potentially leading to unauthorized container access or manipulation.
  • Git TLS enforcement can be circumvented, weakening the security of Git operations.

Overall, these impacts can lead to compromised confidentiality and integrity of network communications and containerized environments.


Can you explain this vulnerability to me?

CVE-2026-41330 is a vulnerability in OpenClaw versions before 2026.3.31 involving improper enforcement of environment variable overrides in the host execution policy.

Attackers can exploit this flaw by overriding environment variables related to proxy settings, TLS verification, Docker configurations, and Git TLS enforcement, allowing them to bypass these critical security controls.

The vulnerability arises because the host exec environment policy did not block or sanitize dangerous environment variables, enabling attackers to manipulate network traffic routing, disable TLS certificate verification, or redirect Docker commands to attacker-controlled endpoints.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves checking whether environment variables related to proxy, TLS, Docker, and Git TLS controls are being overridden during host execution in OpenClaw versions prior to 2026.3.31.

Specifically, you can monitor or audit the environment variables such as HTTP_PROXY, HTTPS_PROXY, ALL_PROXY, NO_PROXY, NODE_TLS_REJECT_UNAUTHORIZED, NODE_EXTRA_CA_CERTS, SSL_CERT_FILE, SSL_CERT_DIR, REQUESTS_CA_BUNDLE, CURL_CA_BUNDLE, GIT_SSL_NO_VERIFY, GIT_SSL_CAINFO, GIT_SSL_CAPATH, DOCKER_HOST, DOCKER_TLS_VERIFY, and DOCKER_CERT_PATH for unauthorized overrides.

Commands to detect suspicious environment variable overrides might include:

  • Using shell commands to list environment variables in running processes, for example: `ps eww <pid>` or `cat /proc/<pid>/environ | tr '\0' '\n'` to inspect environment variables of processes.
  • Searching for override attempts in OpenClaw skill configurations or logs that try to set these environment variables.
  • Using monitoring tools or scripts to detect if any of the dangerous environment variables are set differently than expected or inherited from trusted sources.

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade OpenClaw to version 2026.3.31 or later, which contains the fix that blocks dangerous environment variable overrides during host execution.

If upgrading immediately is not possible, you should manually enforce restrictions on environment variable overrides related to proxy, TLS, Docker, and Git TLS settings in your deployment and execution environments.

  • Block or sanitize environment variables such as HTTP_PROXY, HTTPS_PROXY, ALL_PROXY, NO_PROXY, NODE_TLS_REJECT_UNAUTHORIZED, NODE_EXTRA_CA_CERTS, SSL_CERT_FILE, SSL_CERT_DIR, REQUESTS_CA_BUNDLE, CURL_CA_BUNDLE, GIT_SSL_NO_VERIFY, GIT_SSL_CAINFO, GIT_SSL_CAPATH, DOCKER_HOST, DOCKER_TLS_VERIFY, and DOCKER_CERT_PATH from being overridden in request-scoped commands or skill environment overrides.
  • Ensure that trusted environment variables are inherited and not overridden by untrusted sources.
  • Review and restrict permissions to prevent low-privilege users from injecting environment variable overrides.

Additionally, verify that sandbox runtimes are available and configured to fail closed if unavailable, to enhance execution security.
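As an added example (not OpenClaw's own code and not the upstream fix), the following Node.js module shows both the blocking described in this answer and the `/proc/<pid>/environ` check from the detection answer above. The blocklist is the variable list quoted in this advisory; `buildExecEnv`, `auditProcEnviron` and the sample environ content are hypothetical and constructed here.

```javascript
// Added example, not OpenClaw's own code. The blocklist is the variable
// list quoted in this advisory; names are matched case-insensitively since
// lowercase forms such as http_proxy are honoured by many tools too.
const BLOCKED_ENV = [
  "HTTP_PROXY", "HTTPS_PROXY", "ALL_PROXY", "NO_PROXY",
  "NODE_TLS_REJECT_UNAUTHORIZED", "NODE_EXTRA_CA_CERTS",
  "SSL_CERT_FILE", "SSL_CERT_DIR", "REQUESTS_CA_BUNDLE", "CURL_CA_BUNDLE",
  "GIT_SSL_NO_VERIFY", "GIT_SSL_CAINFO", "GIT_SSL_CAPATH",
  "DOCKER_HOST", "DOCKER_TLS_VERIFY", "DOCKER_CERT_PATH",
];
const BLOCKED = new Set(BLOCKED_ENV);
const isBlocked = (name) => BLOCKED.has(String(name).toUpperCase());

// Build the environment for one host exec request. `trusted` is the daemon's
// own inherited environment; `overrides` come from a skill config or request
// and are untrusted. Blocked names never reach the child process, and with
// strict=true (the fail-closed default) the whole request is refused.
function buildExecEnv(trusted, overrides, { strict = true } = {}) {
  const env = { ...trusted };
  const blocked = [];
  for (const [name, value] of Object.entries(overrides)) {
    if (isBlocked(name)) { blocked.push(name); continue; }
    env[name] = value;
  }
  if (strict && blocked.length > 0) throw new Error(`refusing exec: blocked env overrides: ${blocked.join(", ")}`);
  return { env, blocked };
}

// Audit helper for the detection step: parse a /proc/<pid>/environ dump
// (NUL-separated KEY=VALUE, Buffer or string) and report every blocked
// variable that is absent from, or differs from, the trusted baseline.
function auditProcEnviron(environ, trusted) {
  const text = Buffer.isBuffer(environ) ? environ.toString("utf8") : environ;
  const findings = [];
  for (const entry of text.split("\0")) {
    const eq = entry.indexOf("=");
    if (eq <= 0) continue;                  // empty or malformed entry
    const name = entry.slice(0, eq), value = entry.slice(eq + 1);
    if (isBlocked(name) && trusted[name] !== value) {
      findings.push({ name, value, expected: trusted[name] ?? null });
    }
  }
  return findings;
}

// Constructed sample environ content for a demo run, not a real capture.
const SAMPLE_ENVIRON = Buffer.from("PATH=/usr/bin\0HTTPS_PROXY=http://127.0.0.1:8080\0" +
  "NODE_TLS_REJECT_UNAUTHORIZED=0\0HOME=/home/app\0");
const SAMPLE_BASELINE = { PATH: "/usr/bin", HTTPS_PROXY: "http://proxy.internal:3128" };
```

Running `auditProcEnviron(SAMPLE_ENVIRON, SAMPLE_BASELINE)` flags the rerouted proxy and the disabled TLS check; in production, pass the bytes read from `/proc/<pid>/environ` for each OpenClaw exec child.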


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in OpenClaw allows attackers to bypass critical security controls related to proxy settings, TLS verification, Docker restrictions, and Git TLS enforcement by overriding environment variables. This bypass can lead to insecure network communications, potential man-in-the-middle attacks, and unauthorized access to containerized or networked environments.

Such security control failures could impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of data integrity, confidentiality, and secure communication channels. By allowing circumvention of TLS verification and proxy controls, the vulnerability increases the risk of data exposure or unauthorized data access, which may violate these regulatory requirements.

However, the provided information does not explicitly state direct compliance impacts or specific regulatory violations caused by this vulnerability.

