- March 3, 2026
CVE-2026-25253: WebSocket Hijacking in OpenClaw AI Agents
A CVSS 8.8 vulnerability in OpenClaw lets attackers hijack agent sessions via cross-site WebSocket. The attack chain, what each step does, and how to add defense-in-depth.
A CVSS 8.8 vulnerability in OpenClaw lets attackers hijack agent sessions via cross-site WebSocket. The attack chain, what each step does, and how to add defense-in-depth.