Skip to content
cyberMEDIUM2026-05-11 18:16 UTC

CVE-2026-44995 - OpenClaw < 2026.4.20 - Arbitrary Code Execution via MCP stdio Environment Variables

CVE ID :CVE-2026-44995 Published : May 11, 2026, 6:16 p.m. | 49 minutes ago Description :OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configura

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction