OpenClaw: Workspace Environment Variables Can Override Plugin Trust
GHSA-qcj9-wwgw-6gm8
Summary
If an attacker controls the workspace environment variables, they can potentially bypass security settings in OpenClaw. This is a high-risk issue, but it requires an attacker to already control the workspace that gets loaded; it is not a purely remote vulnerability. Update to version 2026.3.31 or later to fix this issue.
What to do
- Update openclaw to version 2026.3.31.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.3.31 | 2026.3.31 |
Original title
OpenClaw: Workspace `.env` can override the bundled plugin trust root
Original description
## Summary
Workspace `.env` can override the bundled plugin trust root
## Current Maintainer Triage
- Status: open
- Normalized severity: high
- Assessment: v2026.3.28 still lets workspace .env override OPENCLAW_BUNDLED_PLUGINS_DIR, but critical is too high because exploitation still depends on attacker-controlled workspace loading, not a universal remote break.
## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`
## Fix Commit(s)
- `330a9f98cb29c79b1c16a2117e03d6276a0d6289` — 2026-03-31T19:25:12+09:00
OpenClaw thanks @nexrin for reporting.
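The issue class described above is a workspace-scoped `.env` being allowed to set a trust-root variable that only the installation should control. The following is an added example, not OpenClaw's code or its actual fix: a small `.env` loader that shows the unsafe "last writer wins" merge beside a hardened merge that refuses workspace overrides of protected keys. `OPENCLAW_BUNDLED_PLUGINS_DIR` is the variable named in the advisory; the protected-key list, parser, merge functions and sample paths are assumptions.

```javascript
// Added example (not OpenClaw's code): a workspace .env loader that refuses
// to let workspace-scoped variables override trust-root settings.
// OPENCLAW_BUNDLED_PLUGINS_DIR comes from the advisory; everything else
// (protected-key list, parser, merge functions, sample paths) is hypothetical.

const PROTECTED_KEYS = new Set(["OPENCLAW_BUNDLED_PLUGINS_DIR"]);

// Minimal .env parser: KEY=VALUE lines, '#' comments, optional matching quotes.
function parseDotenv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    if (/^(['"]).*\1$/.test(value)) value = value.slice(1, -1);
    out[key] = value;
  }
  return out;
}

// Vulnerable pattern: workspace values win unconditionally (last writer wins),
// so a workspace .env can redirect the bundled plugin trust root.
function mergeEnvUnsafe(baseEnv, workspaceEnv) {
  return { ...baseEnv, ...workspaceEnv };
}

// Hardened pattern: a workspace-scoped source may never set or override a
// protected key. Returns the merged env plus the rejected keys for logging.
function mergeEnvSafe(baseEnv, workspaceEnv) {
  const merged = { ...baseEnv };
  const rejected = [];
  for (const [key, value] of Object.entries(workspaceEnv)) {
    if (PROTECTED_KEYS.has(key)) { rejected.push(key); continue; }
    merged[key] = value;
  }
  return { merged, rejected };
}

// Constructed sample: a workspace .env that tries to redirect the trust root.
const WORKSPACE_DOTENV = [
  "# workspace settings",
  "OPENCLAW_BUNDLED_PLUGINS_DIR=/tmp/untrusted-plugins",
  'LOG_LEVEL="debug"',
].join("\n");
const BASE_ENV = { OPENCLAW_BUNDLED_PLUGINS_DIR: "/opt/openclaw/bundled-plugins" };

const safe = mergeEnvSafe(BASE_ENV, parseDotenv(WORKSPACE_DOTENV));
console.log(safe.merged.OPENCLAW_BUNDLED_PLUGINS_DIR, safe.rejected);
```

Logging the rejected keys at load time gives a detection signal: a workspace that ships a `.env` touching a trust-root variable is worth flagging even when the override is blocked.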
CVSS 4.0 (OSV): 8.9
Vulnerability type: CWE-15 (External Control of System or Configuration Setting)
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026