Cyera warns that four OpenClaw vulnerabilities, dubbed Claw Chain, can be chained to bypass sandbox protections, steal sensitive data, and plant persistent backdoors on the host. The flaws affect OpenShell and the MCP loopback flow, and patches were released after disclosure to OpenClaw maintainers. #OpenClaw #OpenShell #ClawChain #CVE-2026-44112 #CVE-2026-44113 #CVE-2026-44115 #CVE-2026-44118
Keypoints
- Claw Chain links four OpenClaw vulnerabilities into a full compromise path.
- An attacker can use prompt injections, malicious plugins, or compromised inputs to start the attack.
- Race conditions and access control flaws allow file reads, command execution, and data leakage.
- The MCP loopback flaw can elevate privileges to owner level and expose management functions.
- The final OpenShell race condition can modify configurations, plant backdoors, and enable persistence.
Read More: https://www.securityweek.com/claw-chain-openclaw-flaws-allow-sandbox-escape-backdoor-delivery/