Security Advisory

CVE-2026-35650

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-10 16:03:13

Last updated 2026-04-10 18:22:40

Assigner VulnCheck

State PUBLISHED

Description

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation to execute arbitrary code with unintended environment variables.

← Browse all CVEs View on cve.org ↗