High severity · OSV Advisory · Published Feb 1, 2026 · Updated Feb 3, 2026
CVE-2026-25253
Description
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| clawdbot (npm) | < 2026.1.29 | 2026.1.29 |
Affected products: 1
Patches: 0 (no patches discovered yet)
References (7)
- github.com/advisories/GHSA-g8p2-7wf7-98mq (source: GHSA, type: advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-25253 (source: GHSA, type: advisory)
- depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys (source: GHSA, type: web)
- github.com/openclaw/openclaw/security/advisories/GHSA-g8p2-7wf7-98mq (source: GHSA, type: web)
- openclaw.ai/blog (source: GHSA, type: web)
- ethiack.com/news/blog/one-click-rce-moltbot (source: MITRE)
- x.com/0xacb/status/2016913750557651228 (source: MITRE)