OpenClaw: Workspace .env File Can Override Trust Settings
GHSA-qcj9-wwgw-6gm8 · Severity score: 7.3
Summary
A high-risk issue exists in OpenClaw versions up to and including 2026.3.28: a workspace's `.env` file can override the trust settings for bundled plugins. An attacker who can get a crafted workspace loaded could use this to have malicious plugins loaded and gain unauthorized access. To fix this, update to OpenClaw version 2026.3.31 or later.
What to do
- Update openclaw to version 2026.3.31.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.3.28 | 2026.3.31 |
Original title
OpenClaw: Workspace `.env` can override the bundled plugin trust root
Original description
## Summary
Workspace `.env` can override the bundled plugin trust root
## Current Maintainer Triage
- Status: open
- Normalized severity: high
- Assessment: v2026.3.28 still lets workspace .env override OPENCLAW_BUNDLED_PLUGINS_DIR, but critical is too high because exploitation still depends on attacker-controlled workspace loading, not a universal remote break.
## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`
## Fix Commit(s)
- `330a9f98cb29c79b1c16a2117e03d6276a0d6289` — 2026-03-31T19:25:12+09:00
OpenClaw thanks @nexrin for reporting.
Score: CVSS 4.0 (GHSA) 7.3
Vulnerability type
CWE-15 (External Control of System or Configuration Setting)
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026