{"data":{"id":"0448d83c-43e3-4ccb-bdaf-9034571954b5","title":"Your personal OpenClaw agent may also be taking orders from malicious websites","summary":"Researchers discovered a flaw chain called ClawJacked (CVE-2026-25253) that allowed malicious websites to take control of locally running OpenClaw agents (AI tools that automate tasks on your computer). The attack exploited a design flaw where the OpenClaw gateway trusted anything from localhost (your own computer) and allowed WebSocket connections (direct communication channels) from external websites, letting attackers brute-force passwords without rate limits and gain full access to the agent's capabilities, credentials, and data.","solution":"OpenClaw promptly fixed the vulnerability after Oasis Security reported it and provided proof-of-concept code. No additional details about the specific fix are provided in the source text.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4138431/your-personal-openclaw-agent-may-also-be-taking-orders-from-malicious-websites.html","publishedAt":"2026-02-27T11:57:20.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}