Major Vulnerability Discovered in OpenClaw AI Agent Platform

Security researchers recently disclosed a critical vulnerability called “ClawJacked” affecting the open-source AI agent platform OpenClaw. The platform is widely used by developers to build autonomous software agents that can perform tasks such as accessing system resources, interacting with applications, and executing automated workflows. Researchers found that weak password protection in OpenClaw’s local WebSocket server allowed attackers to gain unauthorized access by brute-forcing credentials.

If exploited successfully, attackers could take control of the AI agent, view system logs, manipulate commands, or extract sensitive configuration data from the affected device. Because OpenClaw is designed to integrate deeply with operating systems and applications, the vulnerability raised serious concerns among cybersecurity experts. Developers quickly released a patch to fix the issue and urged users to update their installations immediately. The incident highlights the importance of secure design practices for emerging AI-driven platforms that interact directly with user systems.

03-03-2026