{"data":{"id":"9f6fd988-bf4c-4727-aa00-36527d9967dd","title":"OpenClaw Vulnerability Allowed Websites to Hijack AI Agents","summary":"A vulnerability in OpenClaw allowed malicious websites to connect to the OpenClaw gateway (a system that manages AI agents) on localhost (the computer's own loopback address, normally reachable only from that machine), guess passwords through brute-force attacks (trying many password combinations rapidly), and take control of AI agents. This exposed AI systems to unauthorized hijacking by untrusted websites.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://www.securityweek.com/openclaw-vulnerability-allowed-malicious-websites-to-hijack-ai-agents/","publishedAt":"2026-03-02T14:26:03.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["other"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}