CVE-2026-29610 | OpenClaw up to 2026.2.13 Environment Variable uncontrolled search path (GHSA-jqpq-mgvm-f9r6)

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability was found in OpenClaw up to 2026.2.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Environment Variable Handler. This manipulation causes uncontrolled search path.

This vulnerability is registered as CVE-2026-29610. The attack needs to be launched locally. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-29610 | OpenClaw up to 2026.2.13 Environment Variable uncontrolled search path (GHSA-jqpq-mgvm-f9r6)

Post correlati

CVE-2024-25574 | Delta Electronics DIAEnergie prior 1.10.00.005 GetDIAE_usListParameters sql injection (icsa-24-074-12)

CVE-2025-4767 | defog-ai introspect up to 0.1.4 Test Endpoint integration_routes.py test_custom_tool input_model code injection (Issue 496)

CVE-2024-45318 | SonicWall SMA100 up to 10.2.1.13-72sv Web Management Interface stack-based overflow (SNWLID-2024-0018)

CVE-2024-1201 | PanteraSoft HDD Health up to 4.2.0.112 unquoted search path