Security Advisories

Critical security vulnerability reports and alerts from our security research team. Stay informed about emerging threats and security issues affecting the open-source ecosystem.

18 min read
Agentic AI Framework Security: OpenClaw as a Case Study for Industry-Wide Standards
OpenClawAgentic AI SecurityCommand Injection Path Traversal OWASP AI Framework Security Responsible Disclosure
OpenClaw is the AI agent framework with 200,000+ GitHub stars and shell access to users' machines. It represents a critical gap in the agentic AI ecosystem: powerful tools shipping without the security practices their capabilities demand. This advisory documents our first-party findings (two CVSS 9.9 critical vulnerabilities in the OpenClaw codebase), pulls together the broader security crisis across agentic frameworks, and calls for the industry to adopt and enforce emerging standards before large-scale breaches become inevitable.
Read Advisory
6 min read
React2Shell Vulnerability Emergency
Critical RCE vulnerability in React 19 Server Components affecting 44% of global applications. Analysis of exploitation timeline, threat actors, and remediation strategies.
Read Advisory

Simple 3 click setup.

Deploy Kolega.dev.

Find and fix your technical debt.

No credit card required · 7-day free trial