
40,000 Exposed OpenClaw Instances — and 6 New CVEs This Week
It's been a brutal week for OpenClaw security. Two major reports dropped within days of each other.

The Numbers

Metric              Value
Exposed instances   40,214
Vulnerable          63%
RCE exploitable     12,812
New CVEs patched    6

Report #1: SecurityScorecard Finds 40K+ Exposed Instances

SecurityScorecard reported finding over 40,000 misconfigured OpenClaw instances exposed to the public internet.

- 549 instances already correlated with prior breach activity
- 1,493 instances with known vulnerabilities
- 12,812 instances exploitable via RCE
- 63% of all observed deployments are vulnerable

Most exposures are in China, followed by the US and Singapore.

"The more centralized the access, the more damage a single compromise can cause." — SecurityScorecard

And threat actors are already targeting agents with infostealers.

Report #2: Endor Labs Discovers 6 New Vulnerabilities

Endor Labs revealed six new vulnerabilities:

CVE              Type                          Severity
CVE-2026-26322   SSRF in Gateway               High (7.6)
CVE-2026-26319   Missing Telnyx webhook auth   Hig
Continue reading on Dev.to DevOps

