OpenClaw developers have patched a critical vulnerability (CVE-2026-25253) that allowed attackers to hijack the AI assistant by tricking users into visiting malicious websites, enabling token exfiltration and full gateway compromise. This vulnerability, discovered by DepthFirst, allowed attackers to gain operator-level access to the system, execute arbitrary commands, and manipulate user data.
The patch for CVE-2026-25253 in OpenClaw underscores the need for continuous monitoring and timely updates of AI-driven systems that run with elevated privileges. Because such a system can be compromised through token exfiltration triggered by nothing more than a visit to a malicious website, security teams should apply the fix promptly, implement stringent controls, and keep their security protocols current to prevent unauthorized access and gateway compromise.