CVE-2026-44992
EPSS 0.01%OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests
描述
## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `>= 2026.4.5, < 2026.4.20` - Patched version: `2026.4.20` ## Impact A malicious workspace `.env` could set `MINIMAX_API_HOST` and redirect credentialed MiniMax requests to an attacker-controlled origin, exposing the MiniMax API key in the outbound `Authorization` header. This requires running OpenClaw from an attacker-controlled workspace. Severity is medium. ## Fix OpenClaw now blocks `MINIMAX_API_HOST` from workspace dotenv injection and removes env-driven URL routing from the affected MiniMax request path. Fix commit: - `2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1` ## Release Fixed in OpenClaw `2026.4.20`.
受影響套件(1)
- npm/openclaw>= 2026.4.5, < 2026.4.20
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N |
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-44992
- PATCHhttps://github.com/openclaw/openclaw
- WEBhttps://github.com/openclaw/openclaw/commit/2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1
- WEBhttps://github.com/openclaw/openclaw/security/advisories/GHSA-h2vw-ph2c-jvwf
- WEBhttps://www.vulncheck.com/advisories/openclaw-minimax-api-host-override-via-workspace-dotenv