Incomplete List of Disallowed Inputs Affecting openclaw package, versions <2026.5.28


Severity

Recommended
0.0
high
0
10

CVSS assessment by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.19% (10th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-JS-OPENCLAW-17905620
  • published9 Jul 2026
  • disclosed8 Jul 2026
  • creditHar1sh-k

Introduced: 8 Jul 2026

NewCVE-2026-59261  (opens in a new tab)
CWE-184  (opens in a new tab)

How to fix?

Upgrade openclaw to version 2026.5.28 or higher.

Overview

openclaw is a 🦞 OpenClaw — Personal AI Assistant

Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs through workspace dotenv loading in the gateway's provider credential resolution path. An attacker can supply a workspace .env file or controlled path that is loaded ahead of trusted provider settings, causing the gateway to use attacker-controlled environment values instead of the intended credentials. This exposes provider credentials or other sensitive data tied to those credentials, and it can break access to the affected provider by sending requests with the wrong identity or secrets.

Workarounds

  • Restrict access to workspace .env files and other configured input paths to trusted operators only; do not let lower-trust users supply those paths, as this prevents attacker-controlled environment values from overriding provider credentials.

CVSS Base Scores

version 4.0
version 3.1