
Kaspersky security audit finds 512 vulnerabilities in OpenClaw, 8 critical, declares it unsafe for use

In late January 2026, Kaspersky conducted an independent security audit of OpenClaw and identified 512 vulnerabilities, eight of them classified as critical. The most dangerous, CVE-2026-25253 (CVSS 8.8), enables full gateway compromise. Kaspersky concluded that handing your data over to OpenClaw is at best unsafe and at worst utterly reckless.

Product Idea from this Signal

A reverse proxy that blocks the recruitment of exposed OpenClaw instances into scraping botnets by enforcing authentication, rate limiting, and command allowlisting at the network perimeter

DataDome research documents 21,000+ exposed OpenClaw instances being hijacked into scraping botnets targeting travel and retail platforms. Kaspersky found 512 vulnerabilities in OpenClaw with 8 critical, and nearly 1,000 installations run with zero authentication. Current security tools focus on boot-time workspace scanning or CVE checking, but nothing sits at the network layer to prevent an exposed instance from being recruited into a botnet in real time. This reverse proxy drops in front of any OpenClaw deployment and enforces auth, rate limits inbound connections, allowlists which commands can execute remotely, and blocks the scraping traffic patterns DataDome identified.

SECURITY, REVERSE-PROXY, OPEN-SOURCE, DEVOPS, NETWORK