adibirzu

1 exploit Active since Feb 2026
CVE-2026-25253 NOMISEC HIGH SCANNER
OpenClaw <2026.1.29 - Info Disclosure
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
8 stars
CVSS 8.8