Openclaw · Openclaw · CVE-2026-44995
**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.4.20
**Description**
Improper environment variable validation in the MCP stdio server configuration allows arbitrary code execution. A malicious workspace configuration can pass dangerous startup variables such as `NODE_OPTIONS`, `LD_PRELOAD`, or `BASH_ENV` to spawned MCP server processes, enabling code injection when an operator starts a session that uses those servers.
**Recommendations**
Update to version 2026.4.20.