PatchSiren cyber security CVE debrief
CVE-2026-53864 OpenClaw CVE debrief
CVE-2026-53864 is a HIGH-severity vulnerability in OpenClaw. The software failed to properly sanitize environment variables, allowing attackers to influence child processes or coverage output paths. The vulnerability was published on 2026-06-16 and modified on 2026-06-18.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: HIGH 7.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-18
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-18
Who should care
Users running OpenClaw versions earlier than 2026.5.26 should apply the patch to prevent exploitation.
Technical summary
The vulnerability lies in OpenClaw's host environment sanitizer, which allows Node.js control variables to bypass validation. An attacker who can write to workspace .env files, tool environment overrides, or skill environment blocks can therefore pass malicious Node.js control variables into the processes OpenClaw spawns.
Defensive priority
HIGH
Recommended defensive actions
- Apply the patch: Upgrade OpenClaw to version 2026.5.26 or later.
- Review and restrict access to workspace .env files, tool environment overrides, and skill environment blocks.
Evidence notes
The CVE record was obtained from CVE.org. Additional information was obtained from NVD and from the references [resourceLinkAnnotations:ref-4] and [resourceLinkAnnotations:ref-5].
Official resources
CVE-2026-53864 was disclosed by VulnCheck on June 16, 2026.