CVE-2026-45003: OpenClaw: Workspace dotenv files cannot override connector endpoint hosts
(updated )
Workspace dotenv files cannot override connector endpoint hosts.
References
- github.com/advisories/GHSA-55cf-xx38-4p9p
- github.com/openclaw/openclaw/commit/0623079e98abf7202591f1b04a89755eb7ec9272
- github.com/openclaw/openclaw/security/advisories/GHSA-55cf-xx38-4p9p
- nvd.nist.gov/vuln/detail/CVE-2026-45003
- www.vulncheck.com/advisories/openclaw-connector-endpoint-host-override-via-workspace-dotenv-files
Code Behaviors & Features
Detect and mitigate CVE-2026-45003 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →