cyberMEDIUM2026-05-05 11:25 UTC

CVE-2026-43531 - OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File

CVE ID :CVE-2026-43531 Published : May 5, 2026, 11:25 a.m. | 47 minutes ago Description :OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update s

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
[CYBER] Stop triaging Go CVEs that don't affect you
[CYBER] Gaza: Israeli strikes kill 2 Palestinians in latest truce breach
[CYBER] Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
[CYBER] The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
[CYBER] Fake SSA Emails Drive Venomous#Helper Phishing Campaign

Editorial policy · Report a correction