Can you speak a little bit more to the stats in the OP?

* 135k+ OpenClaw instances are publicly exposed * 63% of those run zero authentication. Meaning the "low privilege required" in the CVE = literally anyone on the internet can request pairing access and start the exploit chain

Is this accurate? This is definitely a very different picture then the one you paint

With respect...Security through obscurity is dead. We are approaching the point where only formally verified (for security) systems can be trusted. Every possible attack will be attempted. Every opening will be exploited, and every useful combination of those exploits will be done.

LLMs are patient, tireless, capable of rigorous opsec, and effectively infinite in number.

According to this[1] your statement that practical risk was low is not accurate.

  > The attacker acquires an account or session with operator.pairing scope. On the 63% of exposed OpenClaw instances running without authentication, this step requires no credentials at all — the attacker connects and is assigned base pairing rights.

If that's accurate, then this statement:

  > This was a privilege-escalation bug, but not "any random Telegram/Discord message can instantly own every OpenClaw instance."

...is only true for the 37% of authenticated OpenClaw instances.

I'm sure it's extremely stressful and embarrassing to face the prospect that your work created a widespread, significant vulnerability. As another software engineer and a human I empathize with the discomfort of that position. But respectfully, you should put your energy into addressing this and communicating honestly about what happened and the severity, not in attempting to save face and PR damage control. You will be remembered much better for the former.

EDIT: more from the source[2]

  > The problem: 63% of the 135,000+ publicly exposed OpenClaw instances run without any authentication layer, according to a 2026 security researcher scan. On these deployments, any network visitor can request pairing access and obtain operator.pairing scope without providing a username or password. The authentication gate that is supposed to slow down CVE-2026-33579 does not exist.

  > This is the intersection that makes this vulnerability particularly dangerous in practice. The CVSS vector already rates it PR:L (Privileges Required: Low) rather than PR:N — but on 63% of deployed instances, "low privilege" is functionally equivalent to "no privilege."

[1]: https://blink.new/blog/cve-2026-33579-openclaw-privilege-esc... [2]: https://blink.new/blog/cve-2026-33579-openclaw-privilege-esc...

About time to read the code you ship now...

I guess this is the era of no shame. I know people should realize this project is inherently insecure and that it’s likely you will get hacked if you use it. But why is the creator not even taking any accountability whatsoever —- especially after all the bragging he’s done about shipping fast and not reading any of the code his agents generate?

Nvidia, ByteDance, Tencent and OpenAI?! Wow!

Who are you replying to? The tone of your message seems to indicate you want to address some misinformation, but that isn't found here or in OP's link.

Did OpenClaw write this for you?

The level of seriousness of your attitude here is not commensurate to the blatant security problem you are creating in the world.

What does Telegram/Discord have to do with anything? The OP never mentioned either of these software suites. In fact the only mention of Telegram anywhere in the entire thread is you copy-pasting this exact message.