CVSS 3.1 score (GHSA): 9.7

OpenClaw allows malicious configuration files to override settings

GHSA-8rh7-6779-cjqq
Summary

A flaw in OpenClaw allows a malicious configuration file to override security settings when a user starts the application from a specific directory. This could allow an attacker to access sensitive information or disrupt the application. To stay secure, update to version 2026.3.28 or later.

What to do
  • Update GitHub Actions openclaw to version 2026.3.28.
Affected software
| Vendor | Product | Affected versions | Fix available |
| --- | --- | --- | --- |
| GitHub Actions | openclaw | <= 2026.3.24 | 2026.3.28 |
Original title
OpenClaw has a CWD `.env` environment variable injection which bypasses host-env policy and allows config takeover
Original description
## Summary

OpenClaw loaded the current working directory `.env` before trusted state-dir configuration, allowing untrusted workspace state to inject host environment values.

## Impact

A repository or workspace containing a malicious `.env` file could override runtime configuration and security-sensitive environment settings when OpenClaw started there.
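
The ordering described above, as an added TypeScript example (not OpenClaw's own code; the key names, the host-policy pattern and the dotenv "first source wins" semantics are assumptions): a minimal dotenv loader run in the vulnerable order, beside a hardened order that loads trusted state-dir values first and drops policy-controlled keys from the CWD file.

```typescript
// Added example, not OpenClaw's code: a minimal dotenv loader showing the
// precedence bug described above and one defensive merge. The key names and
// the host-policy key pattern are hypothetical placeholders.
type Env = Record<string, string>;

// Parse KEY=VALUE lines; skips blank lines and comments, strips matching quotes.
function parseDotenv(text: string): Env {
  const out: Env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line[0] === "#") continue;
    const eq = line.indexOf("=");
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let val = line.slice(eq + 1).trim();
    if (val.length >= 2 && /^(["']).*\1$/.test(val)) val = val.slice(1, -1);
    out[key] = val;
  }
  return out;
}
// dotenv-style load: a source only fills keys that are still unset, so the
// source loaded FIRST wins for every key it defines.
function load(env: Env, src: Env): void {
  for (const k of Object.keys(src)) if (!(k in env)) env[k] = src[k];
}
// Hypothetical host-env policy: keys an untrusted workspace must never set.
const HOST_POLICY_KEYS = /^OPENCLAW_|_TOKEN$|_KEY$|_SECRET$/;

// Vulnerable order (the pre-2026.3.28 behaviour described above): CWD first.
function loadVulnerable(cwdEnv: Env, stateEnv: Env): Env {
  const env: Env = {};
  load(env, cwdEnv);
  load(env, stateEnv);
  return env;
}
// Hardened order: trusted state dir first, then CWD .env with policy keys
// dropped, so the workspace can only add harmless, still-unset variables.
function loadHardened(cwdEnv: Env, stateEnv: Env): Env {
  const env: Env = {};
  load(env, stateEnv);
  const filtered: Env = {};
  for (const k of Object.keys(cwdEnv)) if (!HOST_POLICY_KEYS.test(k)) filtered[k] = cwdEnv[k];
  load(env, filtered);
  return env;
}
// Constructed sample inputs: a workspace .env that tries to take over config.
const CWD_DOTENV = 'OPENCLAW_HOST_ALLOW_UNSAFE="1"\nAPI_TOKEN=attacker\nEDITOR=vim\n';
const STATE_DOTENV = "OPENCLAW_HOST_ALLOW_UNSAFE=0\nAPI_TOKEN=real\n";
```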

## Affected Component

`src/infra/dotenv.ts`, `src/cli/dotenv.ts`

## Fixed Versions

- Affected: `<= 2026.3.24`
- Patched: `>= 2026.3.28`
- Latest stable `2026.3.28` contains the fix.

## Fix

Fixed by commit `6a79324802` (`Filter untrusted CWD .env entries before OpenClaw startup`).
Vulnerability type: CWE-426 (Untrusted Search Path)
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026