Zero Day Monitor (ZDM)
8.8
CVE-2026-25253 · KEV · EXPLOITED · PATCHED
openclaw · openclaw

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Affected Products

Vendor | Product | Versions
openclaw | openclaw | < 2026.1.29

References

  • https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys (Exploit, Third Party Advisory)
  • https://ethiack.com/news/blog/one-click-rce-moltbot (Exploit, Third Party Advisory)
  • https://github.com/openclaw/openclaw/security/advisories/GHSA-g8p2-7wf7-98mq (Vendor Advisory)
  • https://openclaw.ai/blog (Product)
  • https://x.com/0xacb/status/2016913750557651228 (Exploit)

Related News (1 article)

Tier C
Qualys Blog · 2h ago
Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw
→ No new info (linked only)
CVSS 3.1: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA KEV: ✅ Yes
Actively exploited: ✅ Yes
Patch available: 2026.1.29
CWE: CWE-669, CWE-20
Published: Feb 1, 2026
Last enriched: 2h ago (v2)
Tags: autonomous agent, AI risk
Trending Score: 98
Source articles: 1
Independent: 1
Info Completeness: 12/14
Missing: epss, exploit

Related CVEs (5)

CRITICAL · CVE-2026-35647 · EXP
OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices
Trending: 69
CRITICAL · CVE-2026-35663 · EXP
OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim
Trending: 60
CRITICAL · CVE-2026-35669 · EXP
OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope
Trending: 60
NONE · CVE-2026-35668 · EXP
OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters
Trending: 58
MEDIUM · CVE-2026-35665
OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing
Trending: 51

Verification

State: verified
Confidence: 100%

Vulnerability Timeline

CVE Published: Feb 1, 2026
Added to CISA KEV: Feb 1, 2026
Actively Exploited: Feb 13, 2026
Patch Available: Feb 13, 2026
Discovered by ZDM: Apr 1, 2026
Updated (cweIds, iocs, mitreAttack, tags): Apr 13, 2026

Version History

v2
Last enriched 2h ago
v2 · Tier C · 2h ago

Updated description with technical details, added new CWE, changed CVSS to 9.5, marked exploit as available, and included new IoCs and tags.

cweIds, iocs, mitreAttack, tags
via Qualys Blog
v1 · 11d ago

Initial creation