'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments
ID: 1d3572d7-8c42-5216-a6dd-d4387aae69a7
STIX ID: report--1d3572d7-8c42-5216-a6dd-d4387aae69a7
Feed Name: Dark Reading
OpenClaw’s maintainers have patched four chainable vulnerabilities, dubbed “Claw Chain”, that affect all versions prior to 2026-04-23. The flaws, which include a CVSS 9.6 TOCTOU bug in the OpenShell sandbox alongside other high-severity logic and session/validation issues, can be chained to achieve initial access via malicious plugins or prompts, credential theft, privilege escalation to administrative control, and persistent backdoors. Because these activities can resemble legitimate agent behavior, they are difficult to detect.
