Cve

If you’re running a self-hosted OpenClaw instance — and odds are you are, given the platform’s explosive growth — today’s news from China’s National Computer Network Emergency Response Technical Team (CNCERT) is a wake-up call you shouldn’t scroll past. CNCERT has officially warned that OpenClaw’s default security configurations are dangerously weak, and the numbers behind that warning are staggering: over 135,000 public instances running with zero authentication. Two active CVEs. And a Chinese government ban on OpenClaw deployments in government systems. ...

Two weeks. Twenty-two CVEs. Fourteen classified high-severity. That’s what Claude Opus 4.6 delivered when Mozilla handed it access to the Firefox codebase in February 2026 — and it redefines what AI-augmented security research looks like in practice. Mozilla didn’t mince words: Claude found more high-severity bugs in two weeks than the world typically reports in two months. That’s not a benchmark. That’s a structural change in how software security works. ...

OpenAI is entering the enterprise security market in a serious way. On March 6, 2026, the company launched Codex Security — an AI security agent in research preview that doesn’t just find vulnerabilities, but confirms them with proof-of-concept exploits and proposes developer-ready patches. The agent was previously codenamed “Aardvark.” The new name signals intent: this is Codex — OpenAI’s flagship agentic coding system — applied specifically to the application security workflow. ...

If you use Claude Code in your development workflow, stop and read this before opening another repository. Check Point Research has disclosed two critical vulnerabilities — CVE-2026-21852 and CVE-2025-59536 — in Anthropic’s Claude Code agentic coding tool. The flaws allowed attackers to execute arbitrary code on a victim’s machine and exfiltrate API keys. The attack vector required only a malicious configuration file placed in a repository. The exploit triggered automatically — before the user saw or accepted the trust dialog. ...

A critical vulnerability in ModelScope’s MS-Agent framework — now officially tracked as CVE-2026-2256 — allows an attacker to achieve full system compromise through code injection via an AI agent’s prompt pipeline. If you’re running MS-Agent v1.6.0rc1 or earlier in any deployment, this is a drop-everything patch situation. The vulnerability was disclosed today by multiple security outlets, with full CVE record details confirmed by SecurityWeek, GBHackers, CyberPress, and OffSeq Threat Radar. ...

If you’re running OpenClaw, stop what you’re doing and read this. Oasis Security’s research team published threat research today revealing a critical vulnerability chain in OpenClaw that enables attackers to achieve full workstation compromise — potentially including privilege escalation and credential theft — initiated entirely from a browser tab. This is a distinct and separate issue from the GHSA-mr32 CVE batch that was patched earlier this month. Compounding the urgency: SecurityScorecard has identified more than 40,000 exposed OpenClaw instances accessible from the public internet. ...

Stop what you’re doing and update Claude Code. Check Point Research disclosed two critical vulnerabilities today — CVE-2025-59536 and CVE-2026-21852 — that can let an attacker execute code on your machine and steal your Anthropic API key simply by having you clone and open a malicious repository. No additional interaction required. No suspicious files to download. Just opening the wrong repo is enough. What Was Disclosed Check Point Research published full technical details on both CVEs affecting Claude Code, Anthropic’s AI-powered coding assistant: ...

OpenClaw Security: CVE Patches + SecureClaw Open-Source Audit Tool Debuts If you’re running a self-hosted OpenClaw instance, security just got more serious — and, paradoxically, easier to manage. Two CVEs were patched in v2026.1.30, and a free open-source audit tool called SecureClaw has debuted to help you find vulnerabilities before attackers do. Here’s what you need to know and what to do about it. The CVEs: What Was Fixed CVE-2026-25593 Patched in OpenClaw v2026.1.30. Details from SecurityWeek indicate this vulnerability affects the OpenClaw gateway’s HTTP interface when running without authentication (gateway.http.no_auth: true). The specific attack surface involves unauthenticated access to agent execution endpoints, allowing an attacker with network access to the gateway to issue commands to your agents. ...

OpenClaw Security Crisis: Six CVEs Patched, 40K Instances Exposed, and NanoClaw Rises Today is a tough day for OpenClaw’s security reputation — and an important one for anyone running the framework. Three interconnected stories broke simultaneously, painting a picture of an ecosystem under pressure: six newly-disclosed vulnerabilities, 40,000+ publicly exposed instances, and the rapid rise of a minimalist, security-first alternative called NanoClaw. Here’s the full picture, and what you need to do right now. ...

If you’re running OpenClaw and haven’t patched to 2026.2.21-1 yet, stop what you’re doing. There’s a high-severity vulnerability — GHSA-mr32-vwc2-5j6h — that you need to know about. What’s the Vulnerability? The flaw lives in OpenClaw’s Browser Relay: specifically, the /cdp WebSocket endpoint that powers browser control features. Prior to the patch, this endpoint had no authentication token requirement. That means any process running locally — or any attacker who can reach your machine — could connect to the CDP WebSocket without proving who they are. ...