secdim.com | ksl
SecDim documented 104 published vulnerabilities in OpenClaw – the fastest-growing GitHub repo in history – within just 18 days of its February 2026 disclosure window. Over half were rated High or Critical, spanning OS command injection, path traversal, SSRF with IPv6 bypass, authentication bypass on WebSockets, and prompt injection leading to full host compromise. For comparison, LangChain accumulated roughly 20 CVEs over three years. The root cause wasn’t sloppy patches but insecure design: shell execution, file access, and unrestricted capabilities all enabled by default, with no trust boundaries between untrusted input and system prompts. Agentic AI tools that ship dangerous defaults and accept vibe-coded contributions without security review are creating attack surface faster than anyone can audit it.
