CVE-2026-25253: OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

• EPSS 0.1% (30.7% percentile)
• CVSS 8.8 high

Related briefings

• Malicious OpenClaw Skills Trick AI Agents Into Installing Atomic macOS Stealer: Trend Micro Identifies 2,200+ Poisoned Packages 2026-02-23
• The OpenClaw Security Crisis: From One-Click RCE to 824 Malicious Skills in Three Weeks 2026-02-20

Browse the CVE database

Read the full analysis on IntelFusions