PatchSiren cyber security CVE debrief
CVE-2026-53858 OpenClaw CVE debrief
CVE-2026-53858 is a HIGH severity vulnerability in OpenClaw before version 2026.5.2. It is an environment variable injection issue: the STATE_DIRECTORY value read from a workspace .env file could influence the root directories from which bundled runtime dependencies are loaded. An attacker able to set STATE_DIRECTORY can therefore cause runtime dependencies to be loaded from unintended local paths, potentially executing malicious code during dependency resolution. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 7.0.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: HIGH 7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-18
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-18
Who should care
Users of OpenClaw before version 2026.5.2 should apply the patch to prevent potential exploitation of this vulnerability.
Technical summary
The vulnerability exists in OpenClaw before version 2026.5.2. An attacker who can control the STATE_DIRECTORY variable in a workspace .env file can make OpenClaw load runtime dependencies from unintended local paths, potentially leading to malicious code execution during dependency resolution.
Defensive priority
HIGH
Recommended defensive actions
- Apply the patch by updating OpenClaw to version 2026.5.2 or later.
- Review workspace .env files for STATE_DIRECTORY settings and monitor the variable for unintended changes.
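The review step above can be automated. The following is an added example, not OpenClaw's own code: it assumes a hypothetical trusted root (/var/lib/openclaw/state) under which a workspace STATE_DIRECTORY is expected to live, a plain KEY=VALUE .env format, and constructed sample .env contents; it flags any workspace whose STATE_DIRECTORY resolves outside that root (including relative traversal such as ../../tmp).

```python
import os
from pathlib import Path

# Hypothetical trusted root (assumption, not from the advisory): state directories are
# expected to resolve somewhere beneath this path.
TRUSTED_STATE_ROOT = "/var/lib/openclaw/state"


def parse_dotenv(text):
    """Minimal .env parser: KEY=VALUE lines, '#' comments, optional 'export ' and quotes."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[len("export "):]
        if "=" not in line:
            continue
        key, _, value = line.partition("=")
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key.strip()] = value
    return env


def check_state_directory(dotenv_text, workspace_dir, trusted_root=TRUSTED_STATE_ROOT):
    """Return (ok, reason). ok is False when STATE_DIRECTORY resolves outside trusted_root."""
    value = parse_dotenv(dotenv_text).get("STATE_DIRECTORY")
    if value is None:
        return True, "STATE_DIRECTORY not set in workspace .env"
    # Resolve relative to the workspace and collapse '..' so traversal becomes visible.
    resolved = os.path.normpath(os.path.join(workspace_dir, os.path.expanduser(value)))
    root = os.path.normpath(trusted_root)
    try:
        Path(resolved).relative_to(root)  # component-wise check, so 'state-evil' is rejected
    except ValueError:
        return False, f"STATE_DIRECTORY {value!r} resolves to {resolved}, outside {root}"
    return True, f"STATE_DIRECTORY resolves to {resolved}, inside {root}"


def scan_workspaces(workspaces, trusted_root=TRUSTED_STATE_ROOT):
    """workspaces: {workspace_dir: dotenv_text}. Returns [(workspace_dir, reason)] for failures."""
    findings = []
    for ws_dir, text in workspaces.items():
        ok, reason = check_state_directory(text, ws_dir, trusted_root)
        if not ok:
            findings.append((ws_dir, reason))
    return findings


# Constructed sample workspace .env files (not real data).
SAMPLE_WORKSPACES = {
    "/srv/ws-ok": 'STATE_DIRECTORY="/var/lib/openclaw/state/ws-ok"\n',
    "/srv/ws-traversal": "# constructed sample\nexport STATE_DIRECTORY=../../tmp/untrusted\n",
    "/srv/ws-sibling": "STATE_DIRECTORY=/var/lib/openclaw/state-evil\n",
}
```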
Evidence notes
The CVE record was published on CVE.org and additional details can be found on NVD.
Official resources
CVE-2026-53858 was published on 2026-06-16T19:17:03.310Z and modified on 2026-06-16T20:42:46.200Z.