Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk

OpenClaw's “Claw Chain” is a set of four high-severity vulnerabilities in the OpenClaw AI agent that together allow attackers to escape sandboxing, access restricted files, leak secrets, and bypass ownership checks to install persistent backdoors; researchers estimate 65,000–180,000 Internet-exposed instances may be affected and patches were released on April 23, 2026, but organizations are urged to update and rotate keys immediately.