What happened
OpenClaw was designed as a local-first personal assistant. When users deployed it to cloud VPS providers for always-on availability, the gateway port (18789) became internet-accessible — often without a firewall or authentication configured. Security researchers later found that ClawHub, the skill marketplace, contained 1,184 malicious skills, and a WebSocket vulnerability (CVE-2026-25253, “ClawJacked”, CVSS 8.8) allowed malicious websites to hijack local instances without user interaction. For a detailed timeline and analysis, see the Coral blog: The OpenClaw Security Crisis of 2026.
Choose your path
Harden Your Instance
Keep your self-hosted OpenClaw instance and secure it with step-by-step hardening instructions.
Terminate Your Instance
Shut down your exposed instance entirely. Step-by-step instructions for every major cloud provider.
How Coral Protects You
See Coral’s security architecture: dedicated VMs, authenticated proxy layer, and server-side credential isolation.