Vulnerability Description
OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths, allowing attackers to inject attacker-controlled environment variables into execution without approval system validation. Attackers can exploit differing normalization logic to discard non-portable keys during approval processing while accepting them at execution time, bypassing operator review and potentially influencing runtime behavior including execution of attacker-controlled binaries.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.4.2 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/b57b680c0c34de907d57f60c38fb358e82aePatch
- https://github.com/openclaw/openclaw/pull/59182Issue TrackingPatch
- https://github.com/openclaw/openclaw/security/advisories/GHSA-98ch-45wp-ch47Vendor Advisory
- https://www.vulncheck.com/advisories/openclaw-approval-bypass-via-environment-vaThird Party Advisory
FAQ
What is CVE-2026-34426?
CVE-2026-34426 is a vulnerability with a CVSS score of 7.6 (HIGH). OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths, allowing attackers to in...
How severe is CVE-2026-34426?
CVE-2026-34426 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-34426?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.