Executive Summary

CVE-2026-41368 is a vulnerability in OpenClaw versions before 2026.3.28 involving the jq safe-bin policy. The policy was intended to block access to environment variables in jq commands, but it failed to block the use of the $ENV filter.

Attackers can exploit this flaw to bypass safe-bin restrictions and access sensitive environment variables that should be restricted, leading to an unintended disclosure of confidential environment data.

The root cause is an incorrect regular expression handling (CWE-185) or exposure of resources to the wrong sphere (CWE-668), allowing jq programs to leak environment variables despite the safe-bin policy.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive environment variables, which may contain confidential information such as credentials, tokens, or configuration details.

Because the attack can be performed remotely over the network with low complexity and without user interaction, it poses a significant confidentiality risk.

The impact is limited to confidentiality; integrity and availability are not affected.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the jq safe-bin policy failing to block the $ENV filter, allowing environment variable disclosure through jq commands.

To detect this vulnerability on your system, you can check the version of OpenClaw installed and verify if it is prior to 2026.3.28, as versions before this contain the flaw.

Additionally, you can monitor or audit jq commands executed within your environment for usage of the $ENV filter, which should be blocked by the safe-bin policy but is not in vulnerable versions.

A possible command to check the OpenClaw version is:

• openclaw --version

To detect jq commands using the $ENV filter, you might search logs or scripts for occurrences of '$ENV' in jq invocations, for example:

• grep -r '\$ENV' /path/to/scripts_or_logs

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized disclosure of sensitive environment variables by bypassing safe-bin restrictions in OpenClaw. This exposure of confidential information could potentially lead to non-compliance with data protection regulations such as GDPR and HIPAA, which mandate strict controls on the confidentiality and protection of sensitive data.

Since the vulnerability results in a confidentiality breach, organizations using affected versions of OpenClaw may face increased risk of violating privacy and security requirements imposed by these standards, especially if environment variables contain personal or protected health information.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.28 or later, where the jq safe-bin policy has been fixed to properly restrict the use of the $ENV filter.

Until the upgrade can be applied, restrict or monitor the execution of jq commands that might use the $ENV filter to prevent unauthorized environment variable disclosure.

Additionally, review and tighten permissions for users with privileges to run jq commands within OpenClaw to reduce the risk of exploitation.

Useful 0 Not Useful 0