Exposure of Critical Vulnerabilities in OpenClaw: 360's Vulnerability Mining AI Agent Reveals New Security Challenges for AI-Native Applications

AIbase基地

Published inAI News · 4 min read · Apr 8, 2026

]On April 7, the 360 Vulnerability Mining Intelligent Agent announced that it successfully discovered and reported three high-value security vulnerabilities in the AI agent OpenClaw, including one high-severity vulnerability and two medium-severity vulnerabilities. All the relevant vulnerabilities have been officially fixed and publicly disclosed. This achievement marks a breakthrough for AI agents in automated security audits, transitioning from traditional rule-driven approaches to intelligent thinking-driven methods, and provides key technical support for the security governance of AI-native applications.

The high-severity vulnerability discovered this time focuses on the approval and execution mechanism of local scripts. Attackers can achieve unauthorized code execution by tampering with script content that has already passed approval, thereby gaining control of user devices. The two medium-severity vulnerabilities involve the reuse of security verification parameters in the OAuth manual authorization process, as well as resource management defects in the processing of WebSocket data during voice calls. The former could lead to the compromise of users' Google service account permissions, while the latter might cause system resource exhaustion leading to device crashes. These vulnerabilities directly target the core operational mechanisms of AI agents, exposing deep-seated risks in current agents' permission isolation and protocol implementation.

According to 360, the vulnerability mining intelligent agent system has cumulatively identified high-value vulnerabilities in multiple mainstream AI agents. Compared to traditional scanning tools, this system is able to simulate the attack-defense intuition of security experts, achieving automation in vulnerability detection, verification, and reproduction, thus freeing up human resources to focus on more creative risk assessment areas. As AI agents gradually integrate into user workflows, AI-driven automated vulnerability discovery technology will become a critical infrastructure for ensuring the security of the AI industry chain's underlying layers, promoting the development of a more resilient security defense system in the industry.

AI Agents 360 Vulnerability Mining OpenClaw Security Vulnerabilities

This article is from AIbase Daily

Welcome to the [AI Daily] column! This is your daily guide to exploring the world of artificial intelligence. Every day, we present you with hot topics in the AI field, focusing on developers, helping you understand technical trends, and learning about innovative AI product applications.

—— Created by the AIbase Daily Team

AI News Recommendations

Weimob Launches the First AI Skill for the Retail Industry and Integrates into OpenClaw Ecosystem

Weimob launched a dedicated AI Skill for the retail industry, "Weimob Admin Skills," and integrated it into the OpenClaw ecosystem. As the first vertical AI product in the domestic SaaS field, it supports operation on Weimob's official website and the local version of Lobster, driving the retail SaaS from 'conversational AI' to 'executive AI.' Its core value lies in transforming complex retail industry knowledge into standardized and reusable capabilities.

Apr 8, 2026

World's First! China Launches 'Panzhi Yuhen Carbon Accounting Model': Accurately Portraying Global Carbon Footprints

The Shanghai Institute of Advanced Technology, Chinese Academy of Sciences, launched the world's first all-round carbon emission accounting system, 'Panzhi Yuhen Carbon Accounting Model', achieving a technological breakthrough from 'following the trend' to 'reconstructing the paradigm'. This system breaks through the barriers of traditional carbon accounting through the integration of data, algorithms, and computing power, solving bottlenecks such as high knowledge barriers, slow data updates, and low resolution, and building a solid underlying support system.

Apr 8, 2026

Alibaba AI Architecture Restructuring! Fei-Fei Li Appointed as CTO of Alibaba Cloud, Tongyi Lab Promoted to Large Model Business Division

Alibaba announced an organizational restructuring, with the core focus on accelerating AI development. CEO Wu Yongming announced in an internal letter the establishment of the Group Technology Committee and the upgrading of business departments, marking the beginning of a fully accelerated AI era. The most attention-grabbing news is the joining of global top scientist Fei-Fei Li as CTO of Alibaba Cloud, who will be responsible for all technical aspects and AI cloud infrastructure of Alibaba Cloud.

Apr 8, 2026

UK National Data Library Project Faces Challenges, Data Availability Needs Improvement

The UK government plans to promote artificial intelligence development through the National Data Library, but research by the Open Data Institute indicates that current public datasets have issues such as misleading titles and missing metadata, which may affect the implementation of the plan. The government has confirmed the plan in the 2024 Autumn Budget and pledged support for research and businesses.

Apr 8, 2026

Musk Sues OpenAI, Demands Removal of CEO Altman

Musk sues OpenAI executives for alleged fraud, demanding restoration of its nonprofit status. The case will be heard in a California federal court on April 27.....

Apr 8, 2026

AI Daily: AI Video Mystery Dark Horse Happy Horse Makes Its Debut; Aisi Technology PixVerse C1 Released; 360 Creates Xiaoshu APP

Welcome to the [AI Daily] column! This is your guide to exploring the world of artificial intelligence every day. Every day, we present you with the latest content in the AI field, focusing on developers, helping you understand technology trends and innovative AI product applications. Click to learn more about new AI products: https://app.aibase.com/zh1, Exceed Seedance 2.0! 8, Zhipei launches GLM-5.1: SWE-bench score leads globally, model price increases by 10%. Zhipei releases a new large model GLM-5

Apr 8, 2026

100

Gemini Update Helps Users in Crisis Access Mental Health Support Faster

Google updates its chatbot Gemini, adding crisis intervention features that automatically identify suicidal or self-harming conversations and guide users to mental health resources. This move comes as Google faces a lawsuit over its chatbot being accused of inciting "suicide," sparking societal discussions about AI safety responsibilities.

Apr 8, 2026

110

Programmer Uses AI to Generate Violation Reporting Web Version App, Expected to Launch in Two Months

Chengdu programmer Pu Haiyang developed an AI visual recognition program for automatically reporting traffic violations, aiming to improve the efficiency of traffic supervision. The project was conceived in 2025, with a demo version completed in one week, and the web version generated in three days using AI tools. Currently, the Android and iOS client development is 80% complete, and it is expected to be launched in app stores within two to three months. The core technical advantage lies in automating the traditional reporting process.

Apr 8, 2026

Li Shubin of Meituan: The First Step for Catering Businesses to Embrace AI Is Information Digitization

At the 2026 China Catering Chain Summit, Li Shubin of Meituan emphasized that the catering industry should first strengthen the local lifestyle information infrastructure when embracing AI, rather than blindly pursuing technological upgrades. He pointed out that AI does not truly understand the physical world, while consumer needs are shifting from simple searches to complex multi-intent expressions.

Apr 8, 2026

The Mind-Reading Technology of Taobao Merchants Is Here! Wanmeng Technology's Magic Cube AI Quality Inspection VOC Enters the Service Marketplace

Shanghai Wangmeng's 'Magic Cube AI Quality Inspection VOC' tool, now on Taobao, integrates AI automation with user insights for comprehensive service risk management, enhancing e-commerce workflows through dual-engine capabilities in monitoring and analysis.....

Apr 8, 2026

100

Latest AI News

AI Daily Brief

AI Product Finder

AI Product Rankings

AI Product Submit

AI Tools Directory

GEO Brand Visibility

AI Visibility Audit

AI Search Visibility Checker

GEO Promotion Link Detection

GEO Ranking Optimization System

GEO Services​

MCP Servers

MCP Client

MCP Case Tutorials

MCP Ranking

MCP Service Submission

MCP Playground

MCP Inspector

LLM API Hub

AI Models Finder

Model Providers

LLM Leaderboard

Compare LLMs

LLM Cost Calculator

LLM Arena

AI Model Compatibility Checker

AI Deployment Calculator

Exposure of Critical Vulnerabilities in OpenClaw: 360's Vulnerability Mining AI Agent Reveals New Security Challenges for AI-Native Applications

AIbase基地

This article is from AIbase Daily

AI News Recommendations

Weimob Launches the First AI Skill for the Retail Industry and Integrates into OpenClaw Ecosystem

World's First! China Launches 'Panzhi Yuhen Carbon Accounting Model': Accurately Portraying Global Carbon Footprints

Alibaba AI Architecture Restructuring! Fei-Fei Li Appointed as CTO of Alibaba Cloud, Tongyi Lab Promoted to Large Model Business Division

UK National Data Library Project Faces Challenges, Data Availability Needs Improvement

Musk Sues OpenAI, Demands Removal of CEO Altman

AI Daily: AI Video Mystery Dark Horse Happy Horse Makes Its Debut; Aisi Technology PixVerse C1 Released; 360 Creates Xiaoshu APP

Gemini Update Helps Users in Crisis Access Mental Health Support Faster

Programmer Uses AI to Generate Violation Reporting Web Version App, Expected to Launch in Two Months

Li Shubin of Meituan: The First Step for Catering Businesses to Embrace AI Is Information Digitization

The Mind-Reading Technology of Taobao Merchants Is Here! Wanmeng Technology's Magic Cube AI Quality Inspection VOC Enters the Service Marketplace

AI News Recommendations

Weimob Launches the First AI Skill for the Retail Industry and Integrates into OpenClaw Ecosystem

World's First! China Launches 'Panzhi Yuhen Carbon Accounting Model': Accurately Portraying Global Carbon Footprints

Alibaba AI Architecture Restructuring! Fei-Fei Li Appointed as CTO of Alibaba Cloud, Tongyi Lab Promoted to Large Model Business Division

UK National Data Library Project Faces Challenges, Data Availability Needs Improvement

Musk Sues OpenAI, Demands Removal of CEO Altman

AI Daily: AI Video Mystery Dark Horse Happy Horse Makes Its Debut; Aisi Technology PixVerse C1 Released; 360 Creates Xiaoshu APP

Gemini Update Helps Users in Crisis Access Mental Health Support Faster

Programmer Uses AI to Generate Violation Reporting Web Version App, Expected to Launch in Two Months

Li Shubin of Meituan: The First Step for Catering Businesses to Embrace AI Is Information Digitization

The Mind-Reading Technology of Taobao Merchants Is Here! Wanmeng Technology's Magic Cube AI Quality Inspection VOC Enters the Service Marketplace

GEO Services