A Meta exec threatened to fire anyone who put OpenClaw on a work laptop. That's not being paranoid either. OpenClaw just patched a flaw that allowed anyone with the lowest permission level to silently escalate to full admin. No user interaction. No second exploit needed. Just pairing access, and you own the instance. On top of that, 63% of the 135,000 internet-exposed OpenClaw instances were running with zero authentication. On those deployments, the "lowest permission" wasn't even required. Any network visitor could just walk in. π³
𧩠The patches dropped Sunday. The CVE listing didn't come until Tuesday. Attackers had a two-day head start.
π Full admin means read all connected data sources, exfiltrate stored credentials, execute arbitrary tool calls, and pivot to whatever else the agent touches. Slack. Discord. Files. Logged-in sessions. All of it.
π€ The real question isn't whether OpenClaw has security problems. Every tool does. The question is whether your organization decided to hand an inherently unpredictable LLM the keys to your environment before asking who else might be able to grab them.
If you're running OpenClaw, check your pairing approval logs. Then have an honest conversation about whether the productivity trade-off still makes sense.
https://arstechnica.com/security/2026/04/heres-why-its-prudent-for-openclaw-users-to-assume-compromise/
#Cybersecurity #AIAgents #ZeroTrust #security #privacy #cloud #infosec
Cyber The G.A.M.E.
RootShell
Brian Greenberg 
Know All Edge
