The viral AI agentic tool let attackers silently gain admin unauthenticated access.

Ars Technica is known for its  coverage of technology-related news and analysis, ranging from scientific breakthroughs to the latest gadgets and gaming developments. Readers can learn about emerging technologies, industry trends, and the societal impact of technological advancements through detailed articles and reviews.

Ars Technica

OpenClaw, a viral AI agentic tool with 347,000 GitHub stars, patched a critical privilege escalation vulnerability (CVE-2026-33579, CVSS 8.1–9.8). The flaw allowed any attacker with the lowest-level pairing permission to silently elevate themselves to full admin access with no user interaction required. For organizations using OpenClaw as a company-wide AI agent platform, this means an attacker could read all connected data sources, exfiltrate credentials, execute arbitrary tool calls, and pivot to other connected services — effectively a full instance takeover.

OpenClaw gives users yet another reason to be freaked out about security

<p>Any organization running OpenClaw company-wide is absolutely nuts.</p>
<p>Do not do business with such a company. Do not sign up even once on their forms for anything. They are security illiterate.</p>
