OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw
Vulnerability
Summary
OpenClaw deployments exposed to the public internet face RCE risk, with 12,812 instances reportedly exploitable and public exploit code available. SecurityScorecard found 40,214 exposed instances tied to 28,663 unique IP addresses, and said the figure is still rising. The exposure is concentrated in China, the US, and Singapore, with information services the most impacted sector. Attackers could gain full access to systems the agent can interact with and abuse prompt injection or leaked API keys to widen the blast radius.
Related Happenings
ChromaDB Python API exposure mitigation (CVE-2026-45829)
Advisory/Mitigation
First: 20.05.2026 01:25
Last: 20.05.2026 01:25
Sources 1
About this happening:
**HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...
OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation
Security Tool/Service
First: 12.05.2026 09:55
Last: 12.05.2026 09:55
Sources 1
About this happening:
OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...
Internet-exposed Rockwell Automation/Allen-Bradley PLCs concentrated in the United States
Target Trend
First: 10.04.2026 18:52
Last: 10.04.2026 18:52
Sources 1
About this happening:
A measured exposure pattern shows **5,219** internet-facing **Rockwell Automation/Allen-Bradley** PLC hosts worldwide, expanding the attack surface for **industrial control** netw...
ComfyUI cryptomining and proxy botnet campaign targeting exposed instances
Campaign
First: 07.04.2026 15:46
Last: 07.04.2026 15:46
Sources 1
About this happening:
An **active ComfyUI campaign** is scanning exposed instances, exploiting unsafe custom nodes, and enlisting compromised hosts into a **cryptomining and proxy botnet**. The operati...
OpenClaw hardening guidance (CNCERT)
Advisory/Mitigation
First: 14.03.2026 18:17
Last: 14.03.2026 18:17
Sources 1
About this happening:
China's **CNCERT** issued mitigation guidance for **OpenClaw**, warning that weak defaults and privileged access could let attackers seize endpoints, leak data, or trigger destruc...
Timeline
09.02.2026 11:30 2 articles · 3mo ago
OpenClaw public-facing exposure and RCE findings
Technical Analysis Update
SecurityScorecard warned that OpenClaw, formerly Clawdbot and Moltbot, has 40,214 public-facing instances across 28,663 unique IP addresses, with 12,812 instances reportedly exploitable via remote code execution and 63% of observed deployments vulnerable. The analysis also says that 549 exposed instances correlate with prior breach activity and 1,493 with known vulnerabilities; that three high-severity CVEs have public exploit code; that exposure is concentrated in China, the US and Singapore, with information services the most impacted industry; and that some OpenClaw deployments face indirect prompt injection and leaked API key risk.
Sources:
- Researchers Find 40,000+ Exposed OpenClaw Instances — www.infosecurity-magazine.com — 09.02.2026 11:30
- How AI Assistants are Moving the Security Goalposts — krebsonsecurity.com — 09.03.2026 01:35
08.02.2026 09:32 2 articles · 3mo ago
OpenClaw adds VirusTotal scanning for ClawHub skills
Mitigation Patch Update
OpenClaw partners with Google-owned VirusTotal to scan every skill uploaded to ClawHub using SHA-256 hashes and VirusTotal Code Insight, automatically approving benign bundles, flagging suspicious ones, and blocking malicious downloads. The security update also references a now-patched one-click remote code execution flaw that could leak the Gateway Control UI authentication token and enable arbitrary commands on the host.
Sources:
- OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills — thehackernews.com — 08.02.2026 09:32
- Researchers Reveal Six New OpenClaw Vulnerabilities — www.infosecurity-magazine.com — 19.02.2026 12:00