CVE-2026-25253
AI Vulnerability ContextOpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
Overview
A source-backed snapshot of this vulnerability.
CISA KEVnoWhether CISA lists this as exploited.
Techniques0AI attack methods connected to this vulnerability.
Case studies1Examples where this vulnerability is mentioned.
Vulnerability status
How serious this vulnerability is and whether it is known to be exploited.
not in CISA KEVHIGH
- CVE ID
- CVE-2026-25253
- CVSS v3
- 8.8
Exploit context
What the vulnerability is about.
No description available. The source record only contains identifiers and metadata.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
NVD CVE pagehttps://nvd.nist.gov/vuln/detail/CVE-2026-25253CVE API docshttps://nvd.nist.gov/developers/vulnerabilitiesData feedshttps://nvd.nist.gov/vuln/data-feeds134c704f-9b21-4f2e-91b3-4a467353bcc0https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keyscve@mitre.orghttps://ethiack.com/news/blog/one-click-rce-moltbotcve@mitre.orghttps://github.com/openclaw/openclaw/security/advisories/GHSA-g8p2-7wf7-98mqcve@mitre.orghttps://openclaw.ai/blogcve@mitre.orghttps://x.com/0xacb/status/2016913750557651228
