40,000+ exposed instances · 35 min avg detection time · 93.4% auth bypass rate

OpenClaw Instance Exposure Checker

10 setup questions. A personalised exposure report. See exactly which attack vectors are open on your instance — in under 2 minutes.

40,000 instances found exposed · Bots scan every 35 minutes

Answer all 10 questions


1. Is your OpenClaw running on a public cloud VPS (DigitalOcean, Hetzner, Vultr, AWS, etc.)?

2. Is your OpenClaw API port (default: 3000 or 8080) open to the public internet?

3. Have you changed the default admin credentials since installation?

4. Is your instance protected by a reverse proxy (Nginx, Caddy, Traefik) with HTTPS?

5. Have you set up IP allowlisting or firewall rules to restrict who can access the admin UI?

6. Do you use a non-default installation path or custom subdomain for the dashboard?

7. Have you disabled or restricted the public API endpoints that don't need external access?

8. Is your OpenClaw version up to date (patched against CVE-2026-25253 and similar)?

9. Do you have monitoring or alerting for unusual API call volumes or login attempts?

10. Have you audited which skills have access to outbound internet connections?


The OpenClaw exposure landscape in 2026

Security researchers identified over 40,000 publicly reachable OpenClaw instances in early 2026. Of those, 93.4% exhibited conditions that allowed complete authentication bypass — meaning an attacker needed only to find them, not break in.

Bots begin scanning for newly exposed instances within 35 minutes of any CVE disclosure. When CVE-2026-25253 (dubbed "ClawJacked") was published, exploit attempts were hitting unpatched gateways before most developers had even seen the advisory. Three separate CVEs were disclosed in a single week in early 2026.

The defaults that ship with OpenClaw are optimised for fast onboarding, not security. The API port binds to all interfaces. Authentication is optional. ClawHub has no mandatory code review process. Each of these is a documented, actively exploited attack vector.

What this checker covers

  • Public internet reachability — cloud VPS with no firewall isolation
  • Unauthenticated API access — port open without auth required
  • Default credentials — unchanged since installation
  • No reverse proxy / TLS — plaintext traffic on the wire
  • Admin UI access — no IP allowlisting in place
  • Predictable dashboard URL — discoverable by automated scanners
  • Unnecessary API surface — unused endpoints enabled
  • Unpatched CVE-2026-25253 — WebSocket hijacking vulnerability
  • No monitoring or alerting — silent compromise goes undetected
  • Unrestricted skill outbound access — exfiltration via malicious skills
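The "no monitoring or alerting" item is the one most people leave for last, so here is a minimal version of what it means in practice. This is an added example, not code from OpenClaw, GetClaw or this page: it runs a sliding-window detector over reverse-proxy access-log lines and raises an alert when one source address produces a burst of failed logins or a burst of API calls. The log format, the `/api/login` path, the window and the thresholds are all assumptions; the sample lines are constructed inline so the script runs offline.

```python
"""Burst detector for failed logins and API call volume (added example).

Assumed log format, one request per line:
    <client-ip> [<ISO 8601 timestamp>] "<METHOD> <path>" <status>
Everything below that is OpenClaw-specific (login path, ports) is assumed,
not taken from the project.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(r'^(\S+) \[([^\]]+)\] "(\w+) (\S+)" (\d{3})$')
LOGIN_PATH = "/api/login"  # assumed path; adjust to your deployment


def parse(lines):
    """Yield one event dict per well-formed log line; skip anything else."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        yield {"ip": ip, "ts": datetime.fromisoformat(ts),
               "method": method, "path": path, "status": int(status)}


def detect(lines, window=timedelta(minutes=1), max_failed_logins=5, max_calls=50):
    """Return one alert per (kind, ip) the first time a per-IP sliding
    window exceeds its threshold.  Kinds: 'failed_logins', 'call_volume'."""
    events = sorted(parse(lines), key=lambda e: e["ts"])
    calls, failed = defaultdict(deque), defaultdict(deque)
    alerted, alerts = set(), []

    def bump(track, ip, kind, ts, limit):
        q = track[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= limit and (kind, ip) not in alerted:
            alerted.add((kind, ip))
            alerts.append({"kind": kind, "ip": ip, "count": len(q),
                           "window_start": q[0], "triggered_at": ts})

    for e in events:
        bump(calls, e["ip"], "call_volume", e["ts"], max_calls)
        if e["path"] == LOGIN_PATH and e["status"] in (401, 403):
            bump(failed, e["ip"], "failed_logins", e["ts"], max_failed_logins)
    return alerts


def constructed_sample():
    """Constructed access log (not real traffic): one address guessing
    credentials, one address enumerating an endpoint, one normal user."""
    base = datetime(2026, 2, 10, 9, 0, 0)
    lines = []
    for i in range(8):                       # 8 failed logins in 35 s
        t = (base + timedelta(seconds=5 * i)).isoformat()
        lines.append(f'203.0.113.7 [{t}] "POST {LOGIN_PATH}" 401')
    for i in range(60):                      # 60 calls in 30 s
        t = (base + timedelta(seconds=i // 2)).isoformat()
        lines.append(f'198.51.100.23 [{t}] "GET /api/skills" 200')
    for i, (method, path, status) in enumerate(   # ordinary session
            [("POST", LOGIN_PATH, 200), ("GET", "/dashboard", 200), ("GET", "/api/skills", 200)]):
        t = (base + timedelta(seconds=10 * i)).isoformat()
        lines.append(f'192.0.2.5 [{t}] "{method} {path}" {status}')
    return lines


if __name__ == "__main__":
    for a in detect(constructed_sample()):
        print(f"{a['kind']:14} {a['ip']:15} count={a['count']} "
              f"window_start={a['window_start'].isoformat()}")
```

The thresholds are deliberately conservative so they fire on the constructed burst; on a real gateway you would tune them against a baseline of legitimate traffic and feed the alerts into whatever pager or SIEM you already run. The same structure works unchanged on Caddy or Traefik logs once `LINE_RE` matches their format.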

Want to skip the hardening work entirely? GetClaw Hosting managed instances ship with every item on this list handled automatically — no config required, patched within hours of every CVE. See plans →