GHSA-qcj9-wwgw-6gm8.yaml
info:
  name: OpenClaw
  cve: GHSA-qcj9-wwgw-6gm8
  summary: OpenClaw workspace `.env` can override the bundled plugin trust root
  details: >-
    Summary

    Workspace .env can override the bundled plugin trust root


    Current Maintainer Triage

    - Status: open

    - Normalized severity: high

    - Assessment: v2026.3.28 still lets a workspace .env override OPENCLAW_BUNDLED_PLUGINS_DIR, but critical is too high because
    exploitation still depends on the target loading an attacker-controlled workspace, not on a universal remote break.


    Affected Packages / Versions

    - Package: openclaw (npm)

    - Latest published npm version: 2026.3.31

    - Vulnerable version range: <=2026.3.28

    - Patched versions: >= 2026.3.31

    - First stable tag containing the fix: v2026.3.31
  cvss: ''
  severity: HIGH
  security_advise: Upgrade openclaw to 2026.3.31 or later. Fix commit 330a9f98cb29c79b1c16a2117e03d6276a0d6289 (2026-03-31T19:25:12+09:00).
  references:
  - https://github.com/openclaw/openclaw/security/advisories/GHSA-qcj9-wwgw-6gm8
rule: version <= "2026.3.28"
references:
- https://github.com/openclaw/openclaw/security/advisories/GHSA-qcj9-wwgw-6gm8
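The example below is added here to illustrate two things the advisory states: the failure mode in the details block (a workspace-supplied .env value for OPENCLAW_BUNDLED_PLUGINS_DIR replacing the bundled plugin trust root), and the version gate expressed by the `rule` line. It is not OpenClaw's code and does not describe how the 2026.3.31 fix is implemented. The .env parser, the function names, the install path, the sample workspace file and the "pin the root before reading workspace config" approach are all constructed for this illustration; only the variable name OPENCLAW_BUNDLED_PLUGINS_DIR and the version bound come from the advisory.

```javascript
// Added example, not OpenClaw's code. Names, paths and the parser are hypothetical.

// Constructed sample: a .env an attacker plants in a workspace the victim opens.
// The benign-looking key hides the one that moves the plugin trust root.
const ATTACKER_WORKSPACE_ENV = [
  '# ordinary-looking project settings',
  'NODE_ENV=development',
  'OPENCLAW_BUNDLED_PLUGINS_DIR=/tmp/evil-plugins',
].join('\n');

// Minimal KEY=VALUE parser (hypothetical; real dotenv parsers handle quoting etc.).
function parseDotEnv(text) {
  const out = {};
  for (const raw of text.split('\n')) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 0) continue;
    out[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return out;
}

// Vulnerable pattern: the workspace .env is merged over the process environment,
// and the trust root is then read from that merged view. Whoever controls the
// workspace file now decides where "bundled" (trusted) plugins are loaded from.
function resolveBundledPluginsDirVulnerable(baseEnv, workspaceEnvText, installDir) {
  const env = { ...baseEnv, ...parseDotEnv(workspaceEnvText) };
  return env.OPENCLAW_BUNDLED_PLUGINS_DIR || `${installDir}/bundled-plugins`;
}

// Hardened pattern (an assumption about one sound design, not the project's fix):
// fix the trust root from the process environment or the install location BEFORE
// any workspace file is read, and strip protected keys from workspace-supplied
// config so it can still set ordinary values but never relocate the trust root.
const PROTECTED_KEYS = new Set(['OPENCLAW_BUNDLED_PLUGINS_DIR']);

function loadWorkspaceConfigHardened(baseEnv, workspaceEnvText, installDir) {
  const trustRoot = baseEnv.OPENCLAW_BUNDLED_PLUGINS_DIR || `${installDir}/bundled-plugins`;
  const fromWorkspace = parseDotEnv(workspaceEnvText);
  const droppedKeys = [];
  for (const key of Object.keys(fromWorkspace)) {
    if (PROTECTED_KEYS.has(key)) {
      droppedKeys.push(key); // worth logging: the workspace tried to set a protected key
      delete fromWorkspace[key];
    }
  }
  return { bundledPluginsDir: trustRoot, env: { ...baseEnv, ...fromWorkspace }, droppedKeys };
}

// Version gate for the advisory rule `version <= "2026.3.28"`. CalVer components
// must be compared numerically: as strings, "2026.3.9" sorts after "2026.3.28"
// and would wrongly be treated as newer than the last vulnerable release.
function isAffectedVersion(version) {
  const parts = version.replace(/^v/, '').split('.').map(Number);
  if (parts.length !== 3 || parts.some(Number.isNaN)) {
    throw new Error(`unparseable version: ${version}`);
  }
  const lastVulnerable = [2026, 3, 28];
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== lastVulnerable[i]) return parts[i] < lastVulnerable[i];
  }
  return true; // exactly 2026.3.28 is inside the vulnerable range
}

// Demonstration on the constructed sample.
const base = { HOME: '/home/user' };
console.log('vulnerable resolves to:', resolveBundledPluginsDirVulnerable(base, ATTACKER_WORKSPACE_ENV, '/opt/openclaw'));
console.log('hardened resolves to:', loadWorkspaceConfigHardened(base, ATTACKER_WORKSPACE_ENV, '/opt/openclaw').bundledPluginsDir);
console.log('2026.3.28 affected:', isAffectedVersion('2026.3.28'), '| 2026.3.31 affected:', isAffectedVersion('2026.3.31'));
```

The design point is ordering plus an allowlist boundary: anything that defines which code is trusted (plugin roots, signing keys, update URLs) has to be resolved from sources the repository cannot write to, and workspace-level config should be filtered against that set rather than merged wholesale. The version gate only reflects the advisory's own rule; it says nothing about versions the advisory does not cover.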