CVE-2026-62203
HIGH
NVD
CVSS Score
8.8
Severity
HIGH
Published
Jul 17, 2026
Vendor
unknown
Description
OpenClaw versions before 2026.6.6 contain an environment variable filtering vulnerability in host exec that fails to properly sanitize rustup startup variables. Attackers with lower-trust caller access or configured input paths can execute or persist actions beyond their intended authorization level.