—
GO-2026-5369
Crabbox: environment variable exposure vulnerability in github.com/openclaw/crabbox
Details
Crabbox: environment variable exposure vulnerability in github.com/openclaw/crabbox
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/openclaw/crabbox
Introduced in:
0 Fixed in: 0.12.0 Fix
go get github.com/openclaw/crabbox@v0.12.0 References
- https://github.com/advisories/GHSA-fm77-94qm-4894 [ADVISORY]
- https://nvd.nist.gov/vuln/detail/CVE-2026-8634 [ADVISORY]
- https://github.com/openclaw/crabbox/commit/eaae40ae4ce009e60633f16f7f19600c74557f6f [FIX]
- https://github.com/openclaw/crabbox/pull/78 [FIX]
- https://github.com/openclaw/crabbox/releases/tag/v0.12.0 [WEB]
- https://www.vulncheck.com/advisories/crabbox-environment-variable-information-disclosure [WEB]