PT-2026-29869 · Openclaw · Openclaw

Zhijie Zhang · Published 2026-03-26 · Updated 2026-04-03

CVE-2026-34426 · CVSS v3.1 7.6 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to commit b57b680

Description: OpenClaw's approval step and its execution step normalize environment variables with different logic. The approval-side normalization discards environment variable keys with non-portable names, so those variables never appear in what the operator reviews, while the execution-side normalization accepts the same keys and passes them on to the spawned process. An attacker who can place environment variables into a request therefore gets them into execution without any validation by the approval system; because environment variables influence which binaries a process loads or runs, this can lead to execution of attacker-controlled binaries. The UI:R component of the vector reflects that an operator still approves the request; the bypass is that the injected variables are missing from what the operator is shown.

Recommendations: Update OpenClaw to commit b57b680 or later, and confirm that the deployed build actually includes that commit.
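The bug class in the description, modelled as an added TypeScript example. This is not OpenClaw's code and does not reproduce its normalizers or the fix in commit b57b680; it assumes that "non-portable" means a variable name outside the POSIX portable set `[A-Za-z_][A-Za-z0-9_]*`, and every function name, the sample request and the fingerprint check are hypothetical. It shows two normalizers that disagree, the keys that slip past review as a result, and the fixed shape: one normalizer, run once, that rejects what it cannot show the operator and hands the identical object to execution.

```typescript
// Added illustration of the CVE-2026-34426 bug class (hypothetical code, not
// OpenClaw's): approval and execution normalize the environment differently.
// Assumption: a "non-portable" key is a name outside the POSIX portable set.

type Env = Record<string, string>;

const PORTABLE_KEY = /^[A-Za-z_][A-Za-z0-9_]*$/;

// ---- Vulnerable pattern: two normalizers that disagree ----------------------

// Approval side silently drops non-portable keys, so the operator never sees them.
function normalizeForApproval(env: Env): Env {
  const out: Env = {};
  for (const k of Object.keys(env)) {
    if (PORTABLE_KEY.test(k)) out[k] = env[k];
  }
  return out;
}

// Execution side keeps every key exactly as supplied.
function normalizeForExecution(env: Env): Env {
  return { ...env };
}

// Keys the spawned process receives that were never shown to the operator.
function unreviewedKeys(env: Env): string[] {
  const reviewed: Record<string, true> = {};
  for (const k of Object.keys(normalizeForApproval(env))) reviewed[k] = true;
  return Object.keys(normalizeForExecution(env)).filter((k) => !reviewed[k]);
}

// ---- Fixed pattern: normalize once, fail closed, execute what was approved --

// Reject instead of drop: a key the operator cannot review must not run.
function normalizeEnv(env: Env): Env {
  const bad = Object.keys(env).filter((k) => !PORTABLE_KEY.test(k));
  if (bad.length > 0) {
    throw new Error("non-portable environment keys rejected: " + JSON.stringify(bad));
  }
  return { ...env };
}

// Canonical fingerprint so the execution stage can confirm it is running the
// exact environment the operator approved (hypothetical integrity check).
function fingerprint(env: Env): string {
  const keys = Object.keys(env).sort();
  return JSON.stringify(keys.map((k) => [k, env[k]]));
}

type Outcome = "rejected" | "denied" | "executed";

function approveThenExecute(
  raw: Env,
  approve: (env: Env) => boolean,
  execute: (env: Env) => void,
): Outcome {
  let env: Env;
  try {
    env = normalizeEnv(raw);
  } catch {
    return "rejected";
  }
  const approvedFp = fingerprint(env);
  if (!approve(env)) return "denied";
  // Anything that altered env after the operator saw it is refused.
  if (fingerprint(env) !== approvedFp) return "denied";
  execute(env);
  return "executed";
}

// Constructed sample request (not from any real report): two portable keys and
// two that the vulnerable approval normalizer would discard.
const SAMPLE_REQUEST: Env = {
  PATH: "/usr/local/bin:/usr/bin",
  TOOL_MODE: "safe",
  "TOOL-OVERRIDE": "/tmp/attacker/bin",
  "PATH ": "/tmp/attacker/bin",
};

console.log("slips past review:", unreviewedKeys(SAMPLE_REQUEST));
console.log("fixed path:", approveThenExecute(SAMPLE_REQUEST, () => true, () => undefined));
```

Run with `ts-node` or `tsx`: the vulnerable pair reports `TOOL-OVERRIDE` and `PATH ` (note the trailing space) as reaching execution unseen, while the fixed path returns `rejected` for the same request. The design point is that there is one normalizer, it runs before approval, and the object the operator approves is the object that executes; two independent filters, however careful each one is, will eventually disagree on some input.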

Fix

Commit b57b680 (the commit named under Recommendations above).

Weakness Enumeration

Incomplete List of Disallowed Inputs (CWE-184)

Related Identifiers

CVE-2026-34426
GHSA-8H8F-7CXM-M38J
GHSA-H3X4-HC5V-V2GM

Affected Products

Openclaw