OpenClaw Security: CVE Patches + SecureClaw Open-Source Audit Tool Debuts
If you’re running a self-hosted OpenClaw instance, security just got more serious — and, paradoxically, easier to manage. Two CVEs were patched in v2026.1.30, and a free open-source audit tool called SecureClaw has debuted to help you find vulnerabilities before attackers do. Here’s what you need to know and what to do about it.

The CVEs: What Was Fixed

CVE-2026-25593

Patched in OpenClaw v2026.1.30. Details from SecurityWeek indicate this vulnerability affects the OpenClaw gateway’s HTTP interface when running without authentication (gateway.http.no_auth: true). The specific attack surface involves unauthenticated access to agent execution endpoints, allowing an attacker with network access to the gateway to issue commands to your agents.

...
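A check for the two conditions described under CVE-2026-25593, added here as an example; it is not SecureClaw or OpenClaw code. It assumes the gateway configuration is available as JSON, which the article does not state; only the key gateway.http.no_auth and the version v2026.1.30 come from the text.

```python
import json
import re

PATCHED = (2026, 1, 30)  # fixed release named in the article (v2026.1.30)

# Constructed sample. The JSON layout is an assumption; only the key path
# gateway.http.no_auth comes from the article.
SAMPLE_CONFIG = '{"gateway": {"http": {"no_auth": true}}}'


def parse_version(text):
    """Turn 'v2026.1.30' or '2026.1.30' into a comparable tuple of ints."""
    return tuple(int(n) for n in re.findall(r"\d+", text)[:3])


def lookup(config, dotted):
    """Resolve a dotted key in nested dicts; also accept a flat dotted key."""
    if dotted in config:
        return config[dotted]
    node = config
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def audit(config_text, version):
    """Return findings for the two conditions tied to CVE-2026-25593."""
    findings = []
    if parse_version(version) < PATCHED:
        findings.append("version predates v2026.1.30: upgrade")
    value = lookup(json.loads(config_text), "gateway.http.no_auth")
    # Flag the boolean and the string form, in case a loader coerces "true".
    if value is True or str(value).strip().lower() == "true":
        findings.append("gateway.http.no_auth is true: HTTP interface is unauthenticated")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_CONFIG, "v2026.1.29"):
        print("FINDING:", line)
```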