GHSA-JQPQ-MGVM-F9R6: OpenClaw: The 'Helpful' Path to Remote Code Execution

Published: February 17, 2026 at 10:10 PM EST
Source: Dev.to

Vulnerability Overview

  • Vulnerability ID: GHSA-JQPQ-MGVM-F9R6
  • CWE IDs: CWE-427, CWE-78
  • CVSS Score: 7.8 (High)
  • Published: 2026-02-18
  • Attack Vector: Local & Network
  • Impact: Arbitrary Code Execution (Remote Code Execution)
  • Exploit Maturity: Proof-of-Concept
  • Patch Status: Fixed in OpenClaw v2026.2.14

OpenClaw, an open-source platform for agent-based automation, contained a critical set of design flaws in how it handled the system PATH variable. Because command lookup prioritized local directories over system paths, and because request-scoped environment overrides were allowed, the platform was vulnerable to binary hijacking and arbitrary code execution.
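The two fixes the overview implies, as an added example that is not OpenClaw's code: a merge of request-scoped overrides that refuses PATH (case-insensitively) and reports what it dropped, and a PATH normaliser that puts trusted system directories first and strips relative entries. The names ALLOWED_OVERRIDES, TRUSTED_DIRS, mergeEnv, hardenPath and demo are hypothetical, and a POSIX host (':' delimiter, '/' roots) is assumed.

```javascript
// Added example, not OpenClaw's code. Assumes a POSIX host (':' delimiter, '/' roots).
const PATH_DELIM = ':';

// Hypothetical allow-list of keys a request may override. PATH is deliberately absent:
// a request must never be able to change where command names resolve to.
const ALLOWED_OVERRIDES = new Set(['LANG', 'TZ', 'OPENCLAW_TASK_ID']);

// Compared case-insensitively so 'Path' or 'path' cannot slip past the allow-list.
function isLookupKey(key) {
  return key.toUpperCase() === 'PATH';
}

// Merge overrides onto the host environment. Keys that are not allowed, that control
// command lookup, or that carry non-string values are dropped and reported to the caller.
function mergeEnv(hostEnv, envOverrides) {
  const accepted = {};
  const rejected = [];
  for (const [key, value] of Object.entries(envOverrides || {})) {
    if (isLookupKey(key) || !ALLOWED_OVERRIDES.has(key) || typeof value !== 'string') {
      rejected.push(key);
      continue;
    }
    accepted[key] = value;
  }
  return { env: { ...hostEnv, ...accepted }, rejected };
}

// Directories searched first, in this order (hypothetical choice for the example).
const TRUSTED_DIRS = ['/usr/local/bin', '/usr/bin', '/bin'];

// Build the PATH used for command lookup: trusted system directories first, then the
// host's own absolute entries. Relative entries, including '.' and the empty entry
// (both meaning "current directory"), are the hijack vector and are removed.
function hardenPath(hostPath, trusted = TRUSTED_DIRS) {
  const extra = (hostPath || '')
    .split(PATH_DELIM)
    .filter((dir) => dir.startsWith('/') && !trusted.includes(dir));
  return [...trusted, ...new Set(extra)].join(PATH_DELIM);
}

// Worked run on constructed input: the PATH override is rejected and the local
// './node_modules/.bin' entry never reaches the lookup path.
function demo() {
  const merged = mergeEnv(
    { PATH: './node_modules/.bin:/opt/tool/bin:/usr/bin::.', LANG: 'C' },
    { PATH: '/tmp/untrusted', LANG: 'en_US.UTF-8', HOME: '/root' },
  );
  merged.env.PATH = hardenPath(merged.env.PATH);
  return merged;
}
```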

Affected Components

  • OpenClaw Agent Hosts
  • OpenClaw CLI environments
  • CI/CD pipelines using OpenClaw

Affected Versions

openclaw/openclaw:  allowedOverrides.includes(k)));
+    const finalEnv = { ...process.env, ...envOverrides };
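Review bot: the merge `{ ...process.env, ...envOverrides }` lets every key that survives `allowedOverrides.includes(k)` replace the host's value wholesale, so whether a request can redirect command lookup depends entirely on PATH being absent from `allowedOverrides`; since the overview names request-scoped PATH overrides as the root cause, the filter should reject PATH explicitly and case-insensitively rather than rely on the allow-list, and a test asserting that a PATH override is dropped belongs with this change.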

References

  • GitHub Advisory: Advisory containing PoC logic (GHSA-JQPQ-MGVM-F9R6)
  • Full Report: Available on the vendor’s website for detailed analysis, interactive diagrams, and additional remediation guidance.