
CVE-2026-4039

Severity: Medium
Published: 12 March 2026
Modified: 16 March 2026
CISA KEV: not listed
CVSS v4.0 base score: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N; all threat, environmental and supplemental metrics not defined)
EPSS score: 0.0032 (23.2nd percentile)
Risk priority: 35 (floored blend · peak EPSS)

Summary

CVE-2026-4039 is a medium-severity injection vulnerability (CWE-74) in OpenClaw (vendor Openclaw, product Openclaw). Its CVSS v4.0 base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). EPSS ranks it at the 23.2nd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-4039 is a code injection vulnerability affecting OpenClaw version 2026.2.19-2, specifically in the applySkillConfigenvOverrides function of the Skill Env Handler component. It is classified under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection') and CWE-94 (Improper Control of Generation of Code), and was published on 2026-03-12. The CVSS v3.1 base score recorded for it is 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L); the CVSS v4.0 vector in the header expresses the same conditions and scores 5.3. The two numbers differ only because the v3.1 and v4.0 formulas weight the same metrics differently; both fall in the Medium band.

An attacker who already holds low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction. Manipulating the input that reaches the affected function enables code injection, with limited impact on confidentiality, integrity and availability (C:L/I:L/A:L). The public record does not say which interpreter or loader the injected environment overrides reach, so treat any instance that applies skill configuration from sources you do not fully control as exposed until it is upgraded.

Advisories recommend upgrading the affected component to OpenClaw version 2026.2.21-beta.1, which resolves the issue via patch commit 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. That is a pre-release build; confirm whether a later stable release carries the same commit before rolling it into production. Details are available in the GitHub security advisory GHSA-82g8-464f-2mv7, the project repository, the release notes, and VulDB entry ctiid.350651.


Vulnerability details

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is able to resolve this issue. This patch is called 8c9f35cdb51692b650ddf05b259ccdd75cc9a83c. It is recommended to upgrade the affected component.

CWE(s): CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection'), CWE-94 (Improper Control of Generation of Code)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The vulnerability enables remote code injection over the network in a service component (Skill Env Handler) requiring low privileges, directly facilitating T1210: Exploitation of Remote Services.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-28466 · same product: Openclaw Openclaw
CVE-2026-41352 · same product: Openclaw Openclaw
CVE-2026-32052 · same product: Openclaw Openclaw
CVE-2026-41378 · same product: Openclaw Openclaw
CVE-2026-41364 · same product: Openclaw Openclaw
CVE-2026-32922 · same product: Openclaw Openclaw
CVE-2026-28485 · same product: Openclaw Openclaw
CVE-2026-27523 · same product: Openclaw Openclaw
CVE-2026-43573 · same product: Openclaw Openclaw
CVE-2026-35670 · same product: Openclaw Openclaw

Affected Assets

openclaw / openclaw: versions ≤ 2026.2.21 (range as recorded by the feed). The analysis above names 2026.2.19-2 as the version examined and 2026.2.21-beta.1 as the fixed release, so compare the full installed build string, not just the date component, when scoping exposure.

Mitigating Controls (NIST 800-53 r5)

prevent · SI-2 (Flaw Remediation)
Requires timely remediation of the code injection flaw by applying the vendor-recommended patch, i.e. upgrading OpenClaw to version 2026.2.21-beta.1.

prevent · SI-10 (Information Input Validation)
Mandates validation of inputs to the applySkillConfigenvOverrides function so that special elements are neutralised before they can drive code injection, as described in CWE-74 and CWE-94.

detect · SI-7 (Software, Firmware, and Information Integrity)
Provides integrity verification of software and information to detect unauthorized code modifications resulting from successful injection exploits.
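The SI-10 control above is abstract, so here is one concrete shape it can take for this bug class: an environment-override applier that refuses names and values an untrusted skill configuration should never be able to set. This is an added example written for this page; it is not OpenClaw's code and does not describe the actual defect in applySkillConfigenvOverrides. The function names, the denied-variable list and the sample configuration are assumptions for illustration.

```typescript
// Added example (not OpenClaw's code): validate environment overrides taken
// from a skill configuration before applying them, as one instance of
// NIST SI-10 for injection via environment variables. Names, the denied
// variable list and the sample config below are assumptions.

// Accept only conventional POSIX-style names: uppercase, digits, underscore.
const ENV_NAME = /^[A-Z][A-Z0-9_]{0,127}$/;

// Variables that change what code a process runs or how its loader behaves.
// Letting untrusted config set these amounts to code injection
// (assumed list; extend it for the runtimes your skills actually spawn).
const DENIED_NAMES = new Set([
  "PATH", "NODE_OPTIONS", "NODE_PATH", "PYTHONPATH", "PYTHONSTARTUP",
  "PERL5OPT", "BASH_ENV", "ENV", "SHELL", "PROMPT_COMMAND", "IFS",
]);
const DENIED_PREFIXES = ["LD_", "DYLD_"]; // dynamic-loader knobs on Linux/macOS

interface Rejection { key: string; reason: string }
interface OverrideResult { env: Record<string, string>; rejected: Rejection[] }

function applyEnvOverridesSafely(
  baseEnv: Record<string, string>,
  overrides: Record<string, unknown>,
): OverrideResult {
  // Copy so the caller's base environment is never mutated.
  const env: Record<string, string> = { ...baseEnv };
  const rejected: Rejection[] = [];

  for (const [key, value] of Object.entries(overrides)) {
    if (!ENV_NAME.test(key)) {
      rejected.push({ key, reason: "name is not a plain uppercase identifier" });
    } else if (DENIED_NAMES.has(key) || DENIED_PREFIXES.some((p) => key.startsWith(p))) {
      rejected.push({ key, reason: "runtime/loader variable may not be overridden" });
    } else if (typeof value !== "string") {
      // Require explicit strings; silently coercing numbers or objects hides surprises.
      rejected.push({ key, reason: "value must be a string" });
    } else if (value.length > 4096 || /[\x00-\x1f\x7f]/.test(value)) {
      // NUL and newlines can terminate or split the variable when it is later
      // handed to a shell, a dotenv writer or a C-level setenv().
      rejected.push({ key, reason: "value contains control characters or is too long" });
    } else {
      env[key] = value;
    }
  }
  return { env, rejected };
}

// Constructed sample skill config (not taken from the advisory or any real skill).
const SAMPLE_OVERRIDES: Record<string, unknown> = {
  API_BASE_URL: "https://example.invalid/v1", // accepted
  NODE_OPTIONS: "--require /tmp/hook.js",     // rejected: denied name
  LD_PRELOAD: "/tmp/hook.so",                 // rejected: denied prefix
  "api key": "abc",                           // rejected: bad name
  TIMEOUT_MS: 5000,                           // rejected: not a string
  GREETING: "hi\nPATH=/tmp",                  // rejected: embedded newline
};

function demo(): OverrideResult {
  return applyEnvOverridesSafely({ PATH: "/usr/bin:/bin" }, SAMPLE_OVERRIDES);
}

// Running the file directly prints the accepted environment and every
// rejection with its reason; only API_BASE_URL survives from the sample.
console.log(JSON.stringify(demo(), null, 2));
```

The design choice worth noting is that the check is a positive grammar (what a name must look like) plus a short deny-list of loader and interpreter variables, rather than an attempt to escape or sanitise arbitrary strings. Escaping is what CWE-74 fixes tend to get wrong, because the downstream consumer (shell, dotenv file, child-process spawn) each has its own special characters; refusing anything outside a narrow, well-understood shape sidesteps that.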
