Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw

Vulnerability
First reported
Last updated
Happening score
H score 72
3 unique sources, 4 articles

Summary

Hide ▲

OpenClaw deployments exposed to the public internet face RCE risk, with 12,812 instances reportedly exploitable and public exploit code available. SecurityScorecard found 40,214 exposed instances tied to 28,663 unique IP addresses, and said the figure is still rising. The exposure is concentrated in China, the US, and Singapore, with information services the most impacted sector. Attackers could gain full access to systems the agent can interact with and abuse prompt injection or leaked API keys to widen the blast radius.

Related Happenings

OpenClaw outbound-mail approval gates and trust-scoped connector controls

Defensive Guidance
H score11 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: OpenClaw operators are adding **outbound-mail approval gates**, **trust-scoped connector access**, and **human approval** for risky actions to reduce **agent phishing** and unauth...

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability
H score15 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...

Sentry agentjacking analysis shows malicious error events can trigger AI coding agents

Technical Analysis
H score38 First: 11.06.2026 12:15 Last: 11.06.2026 12:15 Sources 1

About this happening: Researchers described **Agentjacking** as a new attack against **AI coding agents** that abuses **Sentry DSNs** and **MCP** to inject fake error data, causing agents like **Claude...

ChromaDB Python API exposure mitigation (CVE-2026-45829)

Advisory/Mitigation
H score25 First: 20.05.2026 01:25 Last: 20.05.2026 01:25 Sources 1

About this happening: **HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...

OpenAI launches Daybreak cybersecurity initiative for AI-powered vulnerability detection and patch validation

Security Tool/Service
H score25 First: 12.05.2026 09:55 Last: 12.05.2026 09:55 Sources 1

About this happening: OpenAI's **Daybreak** launch adds an **AI-powered cybersecurity service** for **vulnerability detection** and **patch validation**, helping organizations fix flaws before attacker...

Timeline

  1. 09.02.2026 11:30 2 articles · 5mo ago

    OpenClaw public-facing exposure and RCE findings

    Technical Analysis Update

    SecurityScorecard warned that OpenClaw, formerly Clawdbot and Moltbot, has 40,214 public-facing instances across 28,663 unique IP addresses, with 12,812 instances reportedly exploitable via remote code execution and 63% of observed deployments vulnerable. The analysis also says 549 exposed instances correlate with prior breach activity, 1,493 with known vulnerabilities, three high-severity CVEs have public exploit code, exposure is concentrated in China, the US and Singapore, information services is the most impacted industry, and some OpenClaw deployments face indirect prompt injection and leaked API key risk.

    Show sources
  2. 08.02.2026 09:32 2 articles · 5mo ago

    OpenClaw adds VirusTotal scanning for ClawHub skills

    Mitigation Patch Update

    OpenClaw partners with Google-owned VirusTotal to scan every skill uploaded to ClawHub using SHA-256 hashes and VirusTotal Code Insight, automatically approving benign bundles, flagging suspicious ones, and blocking malicious downloads; the security update also references a now-patched one-click remote code execution flaw that could leak the Gateway Control UI authentication token and enable arbitrary commands on the host.

    Show sources