Openclaw: >> Openclaw >> 2026.1.12-1 Security Vulnerabilities
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-01
Page 39