OpenClaw < 2026.1.20 Command Injection (GHSA-g55j-c2v4-pjcg)
The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.1.20. It is, therefore, affected by a command injection vulnerability: - An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that...
OpenClaw < 2026.1.30 Path Traversal (GHSA-r8g4-86fx-92mq)
The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.1.30. It is, therefore, affected by a path traversal vulnerability: - The isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory...
Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants
OpenClaw, aka Clawdbot or Moltbot, represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm...
CVE-2026-25253
OpenClaw aka clawdbot or Moltbot before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value...
OpenClaw
🦞 Moltbot/Clawdbot 1-Click RCE PoC A simplified, single-scrip...
PT-2026-5584
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.1.29. Description: An authentication bypass issue exists in the WebSocket gateway of OpenClaw. The software fails to validate the user-supplied gatewayUrl parameter before initializing WebSocket connections. This...
Clawdbot’s rename to Moltbot sparks impersonation campaign
After the viral AI assistant Clawdbot was forced to rename to Moltbot due to a trademark dispute, opportunists moved quickly. Within days, typosquat domains and a cloned GitHub repository appeared—impersonating the project’s creator and positioning infrastructure for a potential supply-chain...
OpenClaw AI Assistant Installed
The OpenClaw AI assistant is installed on the remote host. Note that enabling the 'Perform thorough tests' setting will search the file system for the product.