CVE-2026-41332

Description

## Summary Host execution env sanitization did not block `GIT_TEMPLATE_DIR` or `AWS_CONFIG_FILE`, even though both can redirect trusted tooling to attacker-controlled content. ## Impact An approved exec request could redirect git or AWS CLI behavior through attacker-controlled configuration and execute untrusted code or load attacker-selected credentials. ## Affected Component `src/infra/host-env-security-policy.json, src/infra/host-env-security.ts` ## Fixed Versions - Affected: `<= 2026.3.24` - Patched: `>= 2026.3.28` - Latest stable `2026.3.28` contains the fix. ## Fix Fixed by commit `6eb82fba3c` (`Infra: block additional host exec env keys`). OpenClaw thanks @nicky-cc of Tencent zhuque Lab [https://github.com/Tencent/AI-Infra-Guard](https://github.com/Tencent/AI-Infra-Guard) for reporting.

How to fix CVE-2026-41332

To remediate CVE-2026-41332, upgrade the affected package to a fixed version below.

• —upgrade to 2026.3.28 or later

Is CVE-2026-41332 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 2026.3.28

CVSS scores

References (4)

• PATCHgithub.com/openclaw/openclaw
• WEBgithub.com/openclaw/openclaw/commit/6eb82fba3cbfd0e50b179c1fada92e1e22dce7fa
• WEBgithub.com/openclaw/openclaw/security/advisories/GHSA-m866-6qv5-p2fg
• WEBwww.vulncheck.com/advisories/openclaw-code-execution-via-missing-environment-variable-blocklist