"OpenClaw is rarely out of the news, but not necessarily under that name. This 'autonomous personal assistant' started life as Clawdbot, changed its name to Moltbot, and is now OpenClaw. All references to any of these names refer to the same product. On February 14, 2026, Peter Steinberger - the developer of OpenClaw - announced he is joining OpenAI. OpenClaw is transitioning into the OpenClaw Foundation with OpenAI providing financial and technical support."
"Firstly, CVE-2026-25157 was fixed on January 25 in version 2026.1.25. Next, a one-click RCE vulnerability (CVE-2026-25253) was disclosed by Depthfirst on February 1, but had been patched by OpenClaw on January 29 with version 2026.1.29. Depthfirst and Snyk quickly discovered it was an incomplete fix, and the Docker sandbox could still be bypassed (CVE-2026-24763). This, too, was quickly fixed in version 2026.1.30."
"Version 2026.1.30 also fixed two other outstanding CVEs: CVE-2026-25593, and CVE-2026-25475. The speed of these fixes may indicate a desire or need to get all its security ducks in a row before joining OpenAI as the OpenClaw Foundation. As of writing, the latest version is 2026.2.17, and there are no known unfixed CVEs for OpenClaw. But that doesn't mean that continuing to use OpenClaw is automatically safe."
OpenClaw started as Clawdbot, became Moltbot, and now operates as OpenClaw. Peter Steinberger announced joining OpenAI on February 14, 2026, and OpenClaw is transitioning into the OpenClaw Foundation with OpenAI providing financial and technical support. Cisco Talos called OpenClaw "groundbreaking" for users and "an absolute nightmare" for security. Multiple CVEs were discovered and patched across late January and February 2026, including fixes in versions 2026.1.25, 2026.1.29 and 2026.1.30, and later updates up to 2026.2.17. Many older deployments remain vulnerable and are still being actively exploited by attackers.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]