How many OpenClaw instances are exposed to the internet?

SecurityScorecard STRIKE team identified 42,900 unique IP addresses hosting exposed OpenClaw control panels accessible from anywhere on the internet, across 82 countries.

What percentage of exposed OpenClaw instances are vulnerable to RCE?

63% of observed deployments are vulnerable to remote code execution attacks, allowing attackers to take control of host machines without any user interaction.

What CVEs affect exposed OpenClaw instances?

Three high-severity CVEs with CVSS scores ranging from 7.8 to 8.8. Public exploit code for these vulnerabilities is readily available, enabling attackers with basic skills to compromise exposed systems.

How does SecurityScorecard track exposed OpenClaw instances?

The STRIKE team uses live internet-wide reconnaissance updated every 15 minutes, tracking exposed instances via their declawed.io platform with real-time updates.

How many exposed OpenClaw instances have prior breach history?

549 exposed instances correlated with prior breach activity, and 1,493 connected to known vulnerabilities, indicating repeat exposure patterns.

← Back to dashboard

clawsmith.com/signal/securityscorecard-42k-exposed-openclaw-instances-april-2026

⚠ IssueUnknownFrameworkLive

SecurityScorecard: 42,900 Exposed OpenClaw Instances, 63% Vulnerable to RCE

SecurityScorecard STRIKE team live reconnaissance finds 42,900 unique IPs with exposed OpenClaw control panels across 82 countries. 63% exploitable via 3 high-severity CVEs (CVSS 7.8-8.8). 549 correlated with prior breaches, 1,493 with known vulnerabilities.

Product Idea from this Signal

A runtime middleware that replaces OpenClaw's trust-by-default model with capability-scoped permissions per agent per task

1.4k ▲

OpenClaw agents have unrestricted system access by design. A viral HN critique comparing this to MS-DOS (307 points, 331 comments) argues that wrappers and sandboxes cannot fix the fundamental architecture. SecurityScorecard confirms 42,900 exposed instances with 63% vulnerable to RCE. Existing solutions either wrap OpenClaw without changing its internal trust model (NemoClaw, ClawPatrol) or require full migration to a different platform (IronClaw, ZeroClaw). This middleware intercepts every agent-to-system call at the runtime level and requires explicit capability grants before execution, changing from 'allow everything' to 'deny by default' without requiring users to abandon their existing OpenClaw setup.

RUNTIMESECURITYOPEN-SOURCEMIDDLEWAREDROP-IN

CompetitiveView Opportunity →