OpenClaw patches severe vulnerability granting admin access

Developers of the popular AI tool OpenClaw released patches for three high-severity vulnerabilities, including one that allowed attackers with basic pairing privileges to silently gain full administrative control. The flaw, tracked as CVE-2026-33579 and rated up to 9.8 out of 10 in severity, has raised alarms among security experts. Thousands of exposed instances may have been compromised unknowingly.

OpenClaw, an AI agentic tool launched in November that has amassed 347,000 stars on GitHub, enables users to automate tasks like file organization, research, and online shopping by granting it broad access to computers, apps such as Telegram, Discord, and Slack, network files, and user accounts. Earlier this week, its developers issued security patches addressing three critical issues amid ongoing warnings from security practitioners about the risks of such autonomous AI systems controlling sensitive resources. A Meta executive earlier this year banned the tool from work laptops, citing its unpredictability as a breach risk, with other managers issuing similar directives. > “The practical impact is severe,” researchers from AI app-builder Blink wrote. “An attacker who already holds operator.pairing scope—the lowest meaningful permission in an OpenClaw deployment—can silently approve device pairing requests that ask for operator.admin scope. Once that approval goes through, the attacking device holds full administrative access to the OpenClaw instance. No secondary exploit is needed. No user interaction is required beyond the initial pairing step.” CVE-2026-33579 stemmed from a flaw in the device's pairing function, which failed to verify the approving party's permissions, allowing well-formed requests to escalate privileges unchecked. Blink noted that 63 percent of 135,000 internet-exposed OpenClaw instances scanned earlier this year ran without authentication, enabling any network visitor to gain initial pairing access freely. Patches arrived Sunday, but the formal CVE listing came Tuesday, potentially giving attackers a two-day exploitation window. For organizations using OpenClaw company-wide, a compromised admin device could access all connected data, steal credentials, run arbitrary commands, and pivot to other services, amounting to full instance takeover. Experts urge users to review recent pairing logs and reassess the tool's risks versus benefits.

Related Articles

Illustration of a hacker exploiting Meta's AI chatbot to hijack Instagram accounts by changing email addresses and bypassing security.
Image generated by AI

Meta patches ai chatbot flaw used to hijack instagram accounts

Reported by AI Image generated by AI

Hackers exploited Meta's AI support chatbot to take over Instagram accounts by tricking it into changing associated email addresses. The vulnerability allowed password resets without two-factor authentication after matching locations via VPN. Meta resolved the issue with an emergency patch on May 29.

A writer recently attached a physical robot arm to an OpenClaw AI agent for hands-on testing.

Reported by AI

Windscribe has added native support for OpenClaw agentic AI in its VPN software, allowing autonomous AI agents to control VPN settings. The integration aims to separate AI-generated traffic from users' personal web activity, protecting home networks from potential issues. Company representatives described it as addressing a key privacy gap for AI users.

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Reported by AI

Linux stable kernel maintainer Greg Kroah-Hartman has started using an AI-assisted fuzzing tool in a branch named 'clanker' to test the kernel codebase. The tool has already prompted fixes for vulnerabilities in subsystems like ksmbd and SMB. Patches from this effort now cover areas including USB, HID, WiFi, and networking.

This website uses cookies

We use cookies for analytics to improve our site. Read our privacy policy for more information.
Decline