OpenClaw CVE-2026-25253 is worse than it looks (quick security checklist)

Been digging into the OpenClaw vulnerability (CVE-2026-25253) this week.

Most people are focusing on the CVSS score (8.8), but the bigger issue is misconfigured instances + exposed skills.

Here’s a quick checklist I’ve been using:

  1. Audit all active skills (especially external ones)
  2. Lock down network exposure (a lot of instances are publicly reachable)
  3. Recheck auth flows - default configs are risky
  4. Monitor logs for abnormal agent behavior
  5. Patch immediately if you haven’t already

I wrote a more detailed breakdown here if anyone wants the full audit steps: Here

Curious - has anyone here actually seen exploitation in the wild yet?

submitted by /u/NotFunnyVipul