Skip to main content
Loading…
    CVE-2026-25253 — OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value. — CVE Database · The Intelligence Room