CVE-2026-35650
Published: 10 April 2026
Summary
CVE-2026-35650 is a high-severity External Control of System or Configuration Setting (CWE-15) vulnerability in OpenClaw. Its CVSS base score is 7.5 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 21.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-4 (Information in Shared System Resources) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly addresses the inconsistent sanitization paths by requiring validation of environment variable override inputs, so that malformed or blocked override keys are rejected on every path.
- SC-4 (Information in Shared System Resources): prevents unauthorized information transfer via shared system resources such as environment variables on multi-tenant shared hosts.
- Flaw remediation (patching): the flaw is identified and corrected by upgrading to a patched OpenClaw version (2026.3.22 or later).
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables remote arbitrary code execution via an environment variable override bypass in a network-accessible application (AV:N). That maps directly to T1190 (exploiting a public-facing application) and to T1059 (command and scripting interpreter execution in the application's context).
NVD Description
OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation to execute arbitrary code with unintended environment variables.
Deeper analysis
CVE-2026-35650 is an environment variable override handling vulnerability in OpenClaw versions prior to 2026.3.22. The flaw stems from inconsistent sanitization paths that allow attackers to bypass the shared host environment policy. By supplying blocked or malformed override keys that evade validation, adversaries can execute arbitrary code while setting unintended environment variables, as classified under CWE-15. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
Attackers with low privileges (PR:L) can exploit this over the network (AV:N), though it requires high attack complexity (AC:H) and no user interaction (UI:N). In a shared host environment, such as multi-tenant systems, a low-privileged user could supply specially crafted environment variable overrides to slip past sanitization checks. Successful exploitation enables high-impact confidentiality, integrity, and availability violations (C:H/I:H/A:H), including arbitrary code execution under the application's context with manipulated environment variables.
The fix ships in OpenClaw version 2026.3.22 and later; the relevant changes are GitHub commits 630f1479c44f78484dfa21bb407cbe6f171dac87 and 7abfff756d6c68d17e21d1657bbacbaec86de232. The project's security advisory GHSA-39pp-xp36-q6mg and VulnCheck's analysis both recommend upgrading promptly to a patched version, which replaces the inconsistent validation logic.
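The advisory describes the bug only as inconsistent sanitization paths for override keys, so the following is an added, hypothetical Python illustration of that class of flaw (CWE-15) and of the hardened shape the SI-10 control asks for. It is not OpenClaw's code and says nothing about how OpenClaw's actual override handling is written: the policy (BLOCKED_KEYS), the "KEY=VALUE" override format, the strip-and-uppercase normalisation and the attacker inputs are all constructed assumptions. The vulnerable version checks the key as supplied but applies it after normalising it, so a key that is not literally on the block list becomes one by the time it reaches the environment; the hardened version validates the exact string it will use and rejects anything non-canonical instead of repairing it.

```python
import re
from typing import Dict, Iterable, List, Tuple

# Constructed shared-host policy (an assumption, not OpenClaw's): keys a tenant
# must never be allowed to override because the loader or runtime honours them.
BLOCKED_KEYS = {"LD_PRELOAD", "LD_LIBRARY_PATH", "PATH", "NODE_OPTIONS", "PYTHONPATH"}

# Canonical key format: the only form that is ever compared against the policy.
KEY_RE = re.compile(r"^[A-Z_][A-Z0-9_]*$")


class OverrideRejected(ValueError):
    """Raised by the hardened path for any override that is malformed or blocked."""


def vulnerable_apply_overrides(base_env: Dict[str, str], overrides: Iterable[str]) -> Dict[str, str]:
    """Hypothetical CWE-15 pattern: the check and the sink normalise differently.

    Overrides arrive as "KEY=VALUE" strings. The policy check runs on the raw
    key exactly as supplied, but the apply step then strips whitespace and
    uppercases it "to be tolerant". A key such as " LD_PRELOAD" or "ld_preload"
    is not in BLOCKED_KEYS as written, passes the check, and is written to the
    environment as LD_PRELOAD.
    """
    env = dict(base_env)
    for item in overrides:
        key, sep, value = item.partition("=")
        if not sep:
            continue                          # malformed entry silently skipped
        if key in BLOCKED_KEYS:               # check runs on the raw key ...
            continue
        env[key.strip().upper()] = value      # ... sink writes the normalised key
    return env


def hardened_apply_overrides(base_env: Dict[str, str], overrides: Iterable[str]) -> Dict[str, str]:
    """Single validation path: validate the exact string that will be applied.

    Non-canonical keys are rejected rather than repaired, because a key that
    needs normalising is precisely the input that can mean one thing to the
    check and another to the sink. Malformed entries are errors, not no-ops.
    """
    env = dict(base_env)
    for item in overrides:
        key, sep, value = item.partition("=")
        if not sep:
            raise OverrideRejected(f"malformed override: {item!r}")
        if not KEY_RE.fullmatch(key):
            raise OverrideRejected(f"non-canonical key: {key!r}")
        if key in BLOCKED_KEYS:
            raise OverrideRejected(f"blocked key: {key}")
        env[key] = value                      # the same string that was validated
    return env


def is_rejected(item: str) -> bool:
    """True if the hardened path refuses a single override entry."""
    try:
        hardened_apply_overrides({}, [item])
    except OverrideRejected:
        return True
    return False


# Constructed attacker inputs: none is literally in BLOCKED_KEYS, but the first
# three become a blocked key once stripped and uppercased.
ATTACKER_OVERRIDES = [
    " LD_PRELOAD=/tmp/evil.so",              # leading whitespace
    "ld_preload=/tmp/evil.so",               # lowercase
    "node_options=--require /tmp/evil.js",   # lowercase, value contains spaces
    "APP_DEBUG=1",                           # legitimate override
]


def demo() -> Tuple[List[str], List[str]]:
    """Returns (blocked keys that leaked through the vulnerable path,
    attacker entries the hardened path rejected)."""
    base = {"HOME": "/srv/tenant"}
    leaked_env = vulnerable_apply_overrides(base, ATTACKER_OVERRIDES)
    leaked = sorted(k for k in leaked_env if k in BLOCKED_KEYS)
    rejected = [item for item in ATTACKER_OVERRIDES if is_rejected(item)]
    return leaked, rejected


if __name__ == "__main__":
    leaked, rejected = demo()
    print("vulnerable path set blocked keys:", leaked)
    print("hardened path rejected:", rejected)
```

The same mismatch arises whenever two entry points (for example a JSON body and a command-line list) each normalise keys slightly differently before sharing one apply step; the remedy is the same in every case, one canonicalisation, one validation, and a sink that consumes only what was validated.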
Details
- CWE(s)