OpenClaw Vulnerability Scanner & Security Audit Framework

Scan OpenClaw instances for CVEs, misconfigurations, and exploits — entirely on your local machine.

Your data never leaves this machine

Security Audit

Target formats accepted by the scanner: IP, IP:PORT, or http://host:port.

CVE Database

CVE ID                        | Severity | CVSS | Title                                                                        | Fixed In
------------------------------|----------|------|------------------------------------------------------------------------------|---------------------------
CVE-2026-28363                | critical | 9.9  | safeBins bypass via GNU long-option abbreviations                            | 2026.2.25
CVE-2026-25593                | critical | 9.1  | Unauthenticated config.apply command injection via WebSocket                 | 2026.1.29
CLAWHAVOC-2026                | critical | 9    | ClawHavoc — 824+ malicious skills on ClawHub delivering AMOS stealer         | N/A — requires skill vetting
CVE-2026-25253                | critical | 8.8  | gatewayUrl WebSocket token exfiltration (one-click RCE)                      | 2026.1.29
CLAWJACKED-2026               | critical | 8.8  | ClawJacked — cross-origin WebSocket brute-force attack                       | 2026.1.29
CVE-2026-25157                | high     | 8.1  | Command injection via crafted agent task parameters                          | 2026.1.29
OC-2026-PROXY-BYPASS          | high     | 8    | Reverse proxy authentication bypass — localhost trust assumption             | 2026.2.15
CVE-2026-24763                | high     | 7.8  | Command injection via skill install path                                     | 2026.1.20
OC-2026-SESSION-ISOLATION     | high     | 7.8  | Multi-user session isolation failure — privilege escalation                  | 2026.2.10
CVE-2026-25475                | high     | 7.5  | Arbitrary file read via MEDIA:/path/to/file protocol handler                 | 2026.2.10
SNYK-JS-OPENCLAW-15307810     | high     | 7.5  | Authorization bypass via sessionKey in POST /hooks/agent                     | 2026.1.29
OC-2026-SSRF                  | high     | 7.5  | Server-side request forgery via agent fetch operations                       | 2026.2.20
OC-2026-ACP-BYPASS            | medium   | 6.8  | ACP auto-approval bypass — permission escalation                             | 2026.2.25
CVE-2026-26327                | medium   | 6.5  | mDNS/Bonjour authentication bypass via spoofed TXT records                   | 2026.2.15
OC-2026-WEBHOOK-FORGERY       | medium   | 6.1  | Webhook forgery — unsigned webhook payloads                                  | 2026.2.15
OC-2026-LOG-POISONING         | medium   | 5.5  | Sensitive data exposure in plaintext logs                                    | 2026.2.20

Threat Intelligence

2026-02-25
CRITICAL CVE-2026-28363: safeBins Bypass Scores CVSS 9.9
NVD / OpenClaw Security
The highest-severity OpenClaw CVE to date was disclosed: a complete sandbox escape using GNU long-option abbreviations to bypass the safeBins allowlist. Scored CVSS 9.9 — update immediately.
2026-02-22
HIGH Cisco: "OpenClaw Is a Security Nightmare in Its Default Config"
Cisco Talos Blog
Cisco Talos published a comprehensive blog post detailing the security issues with OpenClaw's default configuration, including unauthenticated WebSocket access, missing origin checks, and exposed management interfaces.
2026-02-20
CRITICAL 135,000+ Exposed OpenClaw Instances Found on the Internet
Shadowserver Foundation
Internet-wide scanning by Shadowserver revealed over 135,000 OpenClaw gateway instances directly accessible from the public internet, the majority running vulnerable versions without authentication.
2026-02-18
HIGH Microsoft Issues Isolation Advisory for OpenClaw Deployments
Microsoft Security Blog
Microsoft recommended that all enterprise deployments of OpenClaw be network-isolated and placed behind authentication proxies, following the discovery of multiple remote code execution vulnerabilities.
2026-02-15
HIGH Kaspersky Declares OpenClaw "Unsafe for Production Use"
Kaspersky Research
Kaspersky published a detailed analysis concluding that OpenClaw's default configuration is unsafe for production deployment, citing multiple unauthenticated attack surfaces and inadequate sandboxing.
2026-02-10
CRITICAL ClawHavoc: 824+ Malicious Skills Found on ClawHub
Koi Security
Koi Security discovered over 824 malicious skills on the ClawHub marketplace delivering the AMOS (Atomic macOS Stealer) malware. The campaign exploits the lack of skill vetting to distribute credential-stealing payloads disguised as legitimate tools.
2026-02-01
CRITICAL ClawJacked: One-Click RCE via Cross-Origin WebSocket
Oasis Security
Oasis Security disclosed the ClawJacked vulnerability: a cross-origin WebSocket attack that lets any website brute-force the pairing token and achieve remote code execution. No browser plugins required — just visiting a malicious page is enough.
2026-01-20
INFO OpenAI Acquires OpenClaw Platform
Tech Press
OpenAI completed the acquisition of the OpenClaw platform, raising questions about the future security posture and governance of the widely-deployed AI agent framework.