Skip to content

CVE-2026-25253(ClawJacked)漏洞详解:一键RCE,恶意网页窃取Token接管OpenClaw Agent | AI安全运营 #63

New issue
New issue
Open
Open
CVE-2026-25253(ClawJacked)漏洞详解:一键RCE,恶意网页窃取Token接管OpenClaw Agent | AI安全运营#63
Labels
Gitalka7fecaa9e29f12d3bfcade5ca722ff8d
@shengnoah

Description

@shengnoah
shengnoah
opened on Mar 6, 2026

https://lua.ren/openclaw/2026-03-05-openclaw-security-ClawJacked/

CVE-2026-25253(ClawJacked)深度解析:一键RCE,恶意网页即可偷token接管OpenClaw AI Agent 随着本地AI Agent框架的普及,OpenClaw(前身为Clawdbot/Moltbot)凭借强大的本地任务执行能力和多平台集成能力迅速成为许多开发者和企业的首选工具。然而,2026年披露的 CVE-2026-25253(ClawJacked) 漏洞却让所有

Metadata

Metadata

Assignees

No one assigned

    Labels

    Gitalka7fecaa9e29f12d3bfcade5ca722ff8d

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions