Cyera disclosed four chainable vulnerabilities in OpenClaw that turn a compromised agent into a persistent backdoor. Patches are available.

The Infocomm Media Development Authority warned users against creating a single “all-powerful” OpenClaw agent with unrestricted access.

Claw Chain flaws in OpenClaw 2026.4.22 enable data theft, privilege escalation, and persistence when chained.

Cyera disclosed four chainable vulnerabilities in OpenClaw that turn a compromised agent into a persistent backdoor. Patches are available.

The four flaws in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.