PT-2026-26385 · Openclaw · Openclaw

Tdjackey · Published 2026-03-03 · Updated 2026-03-20 · CVE-2026-32003

CVSS v4.0: 7.5 (High)
Vector: AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
OpenClaw versions prior to 2026.2.22

Description
OpenClaw contains an environment variable injection issue in the system.run function. It allows attackers to bypass command allowlist restrictions using the SHELLOPTS and PS4 environment variables. An attacker capable of invoking system.run with request-scoped environment variables can execute arbitrary shell commands outside the intended allowlisted command body through bash xtrace expansion. The issue arises because host exec environment sanitization did not block SHELLOPTS and PS4, and request-scoped environment overrides were passed through to shell wrappers, enabling command substitution.

Recommendations
Versions prior to 2026.2.22 should be updated. Block SHELLOPTS and PS4 in host exec environment sanitizers. For shell wrappers, reduce request-scoped environment overrides to an explicit allowlist including TERM, LANG, LC_*, COLORTERM, NO_COLOR, and FORCE_COLOR.
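The two recommendations above, as an added JavaScript example that is not OpenClaw's own code: a deny-check that keeps SHELLOPTS and PS4 out of the host exec environment, and an allowlist filter that reduces request-scoped overrides to the names the advisory lists before they are merged into the environment handed to a shell wrapper. The function names and the sample inputs are constructed for illustration.

```javascript
// Variables that change how bash itself interprets the command body. The advisory
// names these two: with SHELLOPTS enabling xtrace, a crafted PS4 is expanded by the
// shell before the allowlisted command runs, so neither may reach the host env.
const BLOCKED_HOST_ENV = new Set(["SHELLOPTS", "PS4"]);

// Explicit allowlist for request-scoped overrides, mirroring the advisory's list.
const ALLOWED_OVERRIDE_EXACT = new Set(["TERM", "LANG", "COLORTERM", "NO_COLOR", "FORCE_COLOR"]);
const ALLOWED_OVERRIDE_PREFIXES = ["LC_"]; // LC_* (LC_ALL, LC_CTYPE, ...), not a bare "LC_"

function isAllowedOverride(name) {
  if (ALLOWED_OVERRIDE_EXACT.has(name)) return true;
  return ALLOWED_OVERRIDE_PREFIXES.some((p) => name.startsWith(p) && name.length > p.length);
}

// Host exec environment sanitizer: drop blocked names, keep everything else.
function sanitizeHostEnv(env) {
  const out = {};
  for (const [name, value] of Object.entries(env || {})) {
    if (BLOCKED_HOST_ENV.has(name)) continue;
    out[name] = value;
  }
  return out;
}

// Request-scoped override sanitizer: keep only allowlisted names with string
// values; anything else (blocked names, unknown names, non-strings) is dropped
// rather than "cleaned", so there is nothing left for the shell to expand.
function sanitizeRequestEnv(overrides) {
  const out = {};
  for (const [name, value] of Object.entries(overrides || {})) {
    if (typeof value !== "string") continue;
    if (BLOCKED_HOST_ENV.has(name) || !isAllowedOverride(name)) continue;
    out[name] = value;
  }
  return out;
}

// Environment passed to the shell wrapper: sanitized host env, then the surviving
// overrides layered on top. Blocked names cannot re-enter through either path.
function buildShellEnv(hostEnv, requestOverrides) {
  return { ...sanitizeHostEnv(hostEnv), ...sanitizeRequestEnv(requestOverrides) };
}

// Constructed sample: a host env that already carries SHELLOPTS and a request that
// tries to override PS4 and PATH. Only PATH (from the host) and TERM survive.
const sampleEnv = buildShellEnv(
  { PATH: "/usr/bin", SHELLOPTS: "xtrace" },
  { TERM: "xterm-256color", PS4: "+ ", PATH: "/tmp" }
);
console.log(sampleEnv); // { PATH: '/usr/bin', TERM: 'xterm-256color' }
```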

Fix

Weakness Enumeration

OS Command Injection

Related Identifiers

CVE-2026-32003
GHSA-2FGQ-7J6H-9RM4

Affected Products

Openclaw