Security exposure wave: CVEs, phishing, exploits, critiques
Key Questions
What vulnerability was found in ClawHub?
A critical vulnerability in ClawHub allowed attackers to manipulate rankings to become the #1 skill through RPC fake downloads and exfiltration. It was fixed in March 2016 with ClawNet scans. Security researchers uncovered this issue in the public skills registry for OpenClaw.
How many OpenClaw deployments are exposed to risks?
35% of internet-exposed OpenClaw deployments are vulnerable, particularly to CVE-2026-25253 involving WebSocket exfiltration and prompt injection. Hardening guides address this exposure. Related videos discuss safe usage and deployment hardening.
What is OpenClaw's security policy?
OpenClaw has no bug bounty program or budget for paid reports, but encourages disclosure of vulnerabilities. It is described as a labor of love. The policy is outlined in the openclaw/openclaw GitHub repository.
How can users harden their OpenClaw deployments?
Hardening involves updates to versions 3.22-3.24 and v2026.2.26, including sandboxing, secrets management, VPS lockdowns, and fixes for SSH/ClawHub/Tailscale/Docker. Hong Kong guidelines and videos provide safe usage tips, while NSFOCUS recommends multi-layer protection against 341+ malware skills, poisoning, IOCs, and phishing.
What defenses does NSFOCUS recommend for OpenClaw?
NSFOCUS Threat Intelligence suggests building a multi-layer protection system for OpenClaw against threats like poisoning, IOCs, and phishing. This is crucial as AI agents like OpenClaw see high-frequency use in 2026. Their report details defense strategies.
ClawHub ranking vuln (RPC fake downloads/exfil, fixed Mar16/ClawNet scans), 341+ malware skills/NSFOCUS poisoning/IOCs/phishing, new CVE-2026-25253 WebSocket exfil/prompt injection/35% exposed deploys, RSAC Cisco DefenseClaw/OpenShell, ongoing CVEs/GhostClaw/CertiK RCE/MCP, GitHub security policy; hardening via 3.22-3.24/v2026.2.26 sandbox/secrets, VPS lockdowns, China warnings.