Tuesday , July 14 2026
OpenClaw

OpenClaw Flaws Expose 245,000 Public AI Agent Servers

A series of four security flaws found in OpenClaw, a rapidly growing open-source platform for self-operating AI agents, has put about 245,000 public server instances at risk of being hacked, having credentials stolen, and being installed with secret backdoors.

Originally started as “Clawdbot” in late 2025, OpenClaw links big language models to files, SaaS apps, user accounts, and working environments.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

Claw Chain OpenClaw Vulnerabilities

CVE-2026-44112 (CVSS 9.6 – Critical): A flaw in the OpenShell sandbox lets attackers change where data is written, which can allow them to alter settings and install hidden access on the host.

CVE-2026-44115 (CVSS 8.8 – High): A flaw in OpenClaw’s command checks and shell running lets environment variables — like API keys, tokens, and passwords — to escape through unquoted heredocs that seem safe during checks.

CVE-2026-44118 (CVSS 7.8 – High): OpenClaw trusts a flag from the client (senderIsOwner) without checking the user’s session. This lets a local process with a valid token gain owner-level control over the gateway setup, scheduling, and management.

CVE-2026-44113 (CVSS 7.7 – High): The same TOCTOU race condition pattern in read operations lets attackers swap validated file paths with symbolic links pointing outside the allowed mount root, exposing system files and internal artifacts the agent was never meant to access.

Shodan and ZoomEye scans from May 2026 show around 65,000 and 180,000 OpenClaw instances that anyone can access. This adds up to about 245,000 open servers.

Organizations using OpenClaw need to consider this as very important:

Patch immediately by applying the April 23, 2026, fixes covering GHSA-5h3g-6xhh-rg6p, GHSA-wppj-c6mr-83jj, GHSA-r6xh-pqhr-v4xh, and GHSA-x3h8-jrgh-p8jx.

Rotate all secrets — assume any environment variable or credential reachable by OpenClaw processes may already be compromised.

Identify exposed instances using Shodan scans or internal asset inventory and place them behind authentication or firewall controls.

Audit agent access and treat OpenClaw deployments as privileged identities subject to the same lifecycle controls as service accounts.

Check Also

Tenda

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to …