
OpenClaw Security Alert: 135,000+ Instances Exposed (February 2026)

Henry
February 17, 2026

This isn’t a theoretical risk. It’s happening right now.

Over 135,000 OpenClaw instances are currently exposed to the internet, and attackers are actively exploiting them. If you’re running OpenClaw, you need to read this.

What’s Happening

Two serious vulnerabilities, one rated High and one Critical, have been disclosed in the past month:

CVE-2026-25253 (CVSS 8.8 - HIGH)

  • Remote code execution via malicious skills
  • One-click exploitation possible
  • Affects all versions before 2026.1.29

CVE-2026-25593 (CVSS 9.1 - CRITICAL)

  • Memory corruption in the gateway process
  • Can be exploited without authentication
  • Patched in the 2026.2.x line (2026.2.0 or later)

Are You Vulnerable?

Run this command on your OpenClaw machine:

openclaw --version

If the version printed is below 2026.2.0, update immediately and restart the gateway so the patched code is actually the code running:

npm update -g openclaw
openclaw gateway restart

Run openclaw --version again afterwards to confirm the update took.
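
If you manage more than one machine, the version check is worth scripting. The following POSIX shell script is an added example, not code from the original post or from the OpenClaw project: it pulls the dotted version out of the output of openclaw --version, compares it component by component against the minimum patched release named above (2026.2.0, taken from this post), and reports the result. It assumes the version output contains a dotted numeric version such as 2026.1.28; when openclaw is not on the PATH it runs against a constructed sample string instead.

```shell
#!/bin/sh
# Added example: scriptable version check for the advisory above.
# Assumption: `openclaw --version` prints a dotted numeric version
# somewhere in its output (e.g. "openclaw 2026.1.28").

MIN_SAFE_VERSION=2026.2.0   # first release the post says carries both fixes

# parse_version STRING: print the first dotted numeric version in STRING.
parse_version() {
  printf '%s\n' "$1" |
    sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*$/\1/p'
}

# version_lt A B: succeed if A sorts before B, comparing component by
# component numerically (missing components count as 0, "-beta" style
# suffixes are ignored), so 2026.1.29 < 2026.2.0 and 2026.10 > 2026.9.
version_lt() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    case "$a" in *.*) ai=${a%%.*}; a=${a#*.} ;; *) ai=$a; a= ;; esac
    case "$b" in *.*) bi=${b%%.*}; b=${b#*.} ;; *) bi=$b; b= ;; esac
    ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}   # drop non-numeric suffixes
    ai=${ai:-0}; bi=${bi:-0}
    if [ "$ai" -lt "$bi" ]; then return 0; fi
    if [ "$ai" -gt "$bi" ]; then return 1; fi
  done
  return 1
}

# needs_update VERSION_OUTPUT: 0 if the installed version is below
# MIN_SAFE_VERSION, 1 if it is patched, 2 if no version could be parsed.
needs_update() {
  v=$(parse_version "$1")
  [ -n "$v" ] || return 2
  version_lt "$v" "$MIN_SAFE_VERSION"
}

if command -v openclaw >/dev/null 2>&1; then
  out=$(openclaw --version 2>&1)
else
  out='openclaw 2026.1.28'   # constructed sample for an offline run
fi
needs_update "$out"
case $? in
  0) echo "VULNERABLE: $(parse_version "$out") < $MIN_SAFE_VERSION; update now" ;;
  1) echo "OK: $(parse_version "$out") >= $MIN_SAFE_VERSION" ;;
  *) echo "Could not read a version from: $out" ;;
esac
```

The comparison is done numerically per component rather than with a plain string compare, because a string compare would rank 2026.10.0 below 2026.9.0 and silently pass an outdated install. A version that cannot be parsed is reported separately rather than treated as safe.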

The Bigger Picture

This week, Peter Steinberger (creator of OpenClaw) joined OpenAI to lead their AI agents division. While this validates the technology, it also means:

  1. More attention on OpenClaw
  2. More attackers scanning for vulnerable instances
  3. Your exposed instance is now a bigger target

Security researchers have also found ~900 malicious skills in ClawHub (about 20% of all packages). These can steal your API keys, exfiltrate data, or install backdoors.

Quick Security Checklist

Do these now:

  • Update to latest version (npm update -g openclaw)
  • Bind gateway to localhost only (openclaw config set gateway.host 127.0.0.1)
  • Review installed skills (openclaw skills list)
  • Don’t run as root
  • Add firewall rules that block inbound connections to the gateway port from anything other than the host itself
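
The bind-to-localhost item is worth verifying on the live host rather than trusting the config setting, because a second listener (a reverse proxy, a container port mapping, an older copy still running) can re-expose the gateway on the same port. The following script is an added example, not code from the original post or from OpenClaw: it parses ss -ltn output and reports every socket on the gateway port that is bound to a non-loopback address. The port number 18789 and the sample ss lines are constructed for the demo; pass your gateway's real port.

```shell
#!/bin/sh
# Added example: report gateway listeners reachable from off-host.
# Assumption: the port used below (18789) is a placeholder; use your own.

# exposed_listeners PORT  (reads `ss -ltn` output on stdin)
# Prints the local address of every LISTEN socket on PORT whose bind
# address is not loopback (127.0.0.0/8 or [::1]). Wildcard binds
# (0.0.0.0, [::], *) count as exposed.
exposed_listeners() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      addr = $4
      n = split(addr, parts, ":")
      p = parts[n]                                   # text after last colon
      host = substr(addr, 1, length(addr) - length(p) - 1)
      if (p != port) next
      if (substr(host, 1, 4) == "127." || host == "[::1]") next
      print host
    }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host):
# a correctly bound gateway on 127.0.0.1, a second copy bound to all
# interfaces on the same port, and an unrelated sshd listener.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      511    127.0.0.1:18789     0.0.0.0:*
LISTEN 0      511    0.0.0.0:18789       0.0.0.0:*
LISTEN 0      128    [::]:22             [::]:*'

# check_port PORT: 0 if nothing on PORT is reachable from off-host,
# 1 otherwise. Uses live `ss` output when available, the constructed
# sample otherwise.
check_port() {
  if command -v ss >/dev/null 2>&1; then
    found=$(ss -ltn 2>/dev/null | exposed_listeners "$1")
  else
    found=$(printf '%s\n' "$SAMPLE_SS" | exposed_listeners "$1")
  fi
  if [ -n "$found" ]; then
    echo "EXPOSED: port $1 is listening on: $found"
    echo "Block it from outside the host, e.g. with:"
    echo "  iptables -I INPUT -p tcp --dport $1 ! -i lo -j DROP"
    return 1
  fi
  echo "OK: port $1 is bound to loopback only"
  return 0
}

check_port 18789 || true   # keep going so the script prints its verdict
```

Run it after changing gateway.host and restarting the gateway; a clean result is the absence of any non-loopback address on the port. The suggested iptables rule is defence in depth for the case where a future config change or a second process rebinds the port to all interfaces.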

The Reality

Most people running OpenClaw are founders and developers who just want their AI agent working. Security isn’t their expertise.

That’s exactly why we started SetupMyClaw. We handle the secure configuration so you can focus on actually using your agent.

Our security setup includes:

  • Proper network isolation
  • Non-root user configuration
  • Firewall rules
  • Skill auditing
  • Automated security updates

If you want peace of mind without spending hours on DevOps, check out our setup service.

Stay Safe

The window for exploitation is now. Attackers know about these CVEs and are actively scanning.

Update your OpenClaw today. Or let us do it for you.


Questions? Reach out on Twitter @henry_gg08 or email henry@setupmyclaw.in
