Exploitation Summary
CVE-2026-25253 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 12 public exploits from researchers including ethiack, msaleme, and XiaomingX.
AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2026-25253, targeting a vulnerability in Moltbot. The exploit involves a Flask-based server to capture tokens and passwords, and a Playwright-based script to automate the exploitation process.
Description
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
Exploits (12)
This repository contains a proof-of-concept exploit for CVE-2026-25253, targeting a vulnerability in Moltbot. The exploit involves a Flask-based server to capture tokens and passwords, and a Playwright-based script to automate the exploitation process.
This repository contains a functional exploit PoC for CVE-2026-25253, demonstrating MCP supply chain poisoning via nested schema fields in tool definitions. It includes test harnesses for multiple CVEs, including privilege escalation (CVE-2026-35625) and SSRF (CVE-2026-35629), with simulated and live endpoint testing capabilities.
This repository contains detailed documentation and deployment guides for OpenClaw, an open-source AI assistant platform, but does not include actual exploit code or technical analysis of CVE-2026-25253.
This repository is a security monitoring tool for OpenClaw deployments, designed to detect threats such as CVE-2026-25253 (WebSocket hijacking RCE), AMOS stealer, and other malicious activities. It includes a 32-point scanner, remediation scripts, and a web dashboard for real-time monitoring.
This repository contains a functional exploit for CVE-2026-25253, demonstrating a one-click RCE in OpenClaw via authentication token theft. The PoC includes a detailed technical writeup, attacker server code, and a step-by-step exploitation process.
The repository is a promotional page for a security framework and research by Michael Saleme, with no actual exploit code or technical details about CVE-2026-25253. It primarily serves as a marketing tool for services and tools.
The repository contains no actual exploit code for CVE-2026-25253. Instead, it provides workflow documentation for syncing a fork with upstream, which is unrelated to the CVE. The README and files focus on development processes rather than vulnerability details or exploit techniques.
This is a functional exploit PoC for CVE-2026-25253, which appears to target a gateway token capture vulnerability. The exploit sets up a Flask server with WebSocket support to intercept and capture gateway tokens, likely for authentication bypass or session hijacking.
This repository contains sanitized documentation for deploying OpenClaw on a VPS, including architectural decisions, security requirements, and deployment plans. It does not include exploit code but provides detailed technical insights into the platform's setup and potential security considerations.
This repository is a security-hardened fork of OpenClaw, addressing multiple vulnerabilities including CVE-2026-25253. It provides a detailed technical analysis of the vulnerabilities, remediation strategies, and architectural improvements without including functional exploit code.
This repository contains a functional proof-of-concept exploit for CVE-2026-25253, leveraging Cross-Site WebSocket Hijacking to achieve one-click RCE on OpenClaw. The exploit involves token theft, WebSocket hijacking, and command execution via a browser-based payload.
This repository contains a Chinese-language writeup for CVE-2026-25253, describing a Cross-Site WebSocket Hijacking vulnerability in OpenClaw that allows one-click remote code execution. It references external sources but does not include exploit code or technical details.
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H