How many security advisories has OpenClaw had in 2026?

Security researcher Joel Gamblin's tracker logged 137 security advisories between February 2 and April 4, 2026 alone - roughly one new advisory every 15 hours.

How many OpenClaw instances are exposed to the internet?

SecurityScorecard identified 40,214 internet-exposed OpenClaw instances with 28,663 unique IP addresses hosting globally accessible control panels.

What percentage of exposed OpenClaw instances are vulnerable to RCE?

Approximately 63% of exposed deployments are vulnerable to remote code execution, enabling attackers to seize control without user interaction.

What CVEs are being exploited in the OpenClaw trojan attacks?

Three high-severity CVEs with CVSS scores from 7.8 to 8.8 are being exploited, enabling privilege escalation, sandbox bypass, and remote code execution.

Why are OpenClaw instances vulnerable to trojan horse attacks?

Users commonly configure bots with identifiable personal or company names and grant excessive permissions without adequate security measures. Many instances run without authentication.

Has Microsoft commented on OpenClaw security risks?

Microsoft has advised against using OpenClaw on standard devices. Chinese authorities have also restricted OpenClaw in office environments due to significant security risks.

← Back to dashboard

clawsmith.com/signal/openclaw-trojan-horse-28k-systems-actively-exploited

⚠ IssueWide OpensecurityLive

OpenClaw Trojan Horse: Hackers Actively Exploit Vulnerabilities to Control 28,000+ Systems Globally

SecurityScorecard report confirms 40,214 internet-exposed OpenClaw instances with 28,663 unique IPs hosting accessible control panels. 63% vulnerable to RCE. Three high-severity CVEs (CVSS 7.8-8.8) enable attackers to seize control without user interaction. Microsoft advises against use on standard devices. Chinese authorities restrict OpenClaw in office environments.