OpenClaw AI Assistant Flaws Enable WhatsApp-to-Host RCE
Three high-severity vulnerabilities in OpenClaw, a personal AI assistant, have been chained to enable remote code execution on the host system via a WhatsApp message, requiring no prior foothold. The flaws—covering OS command injection, incomplete input filtering, and path traversal—allow sandbox escape, credential theft, and privilege escalation. All three have been patched in OpenClaw version 2026.6.6, but unpatched deployments remain at significant risk.