OpenClaw Marketplace: ClawHavoc Campaign and CVE-2026-25253 RCE Analysis
The ClawHavoc campaign targets the OpenClaw Marketplace by distributing poisoned AI agent "skills" designed to exploit CVE-2026-25253. This critical remote code execution (RCE) vulnerability allows attackers to escape the sandboxed execution context of an AI agent and gain access to the underlying host system. By integrating these malicious skills into enterprise workflows, threat actors weaponize the agent's inherent permissions to achieve full host compromise, facilitate lateral movement, and enable unauthorized data exfiltration. This represents a significant escalation in AI supply chain risks, where the trust-based model of agentic extensibility is used to bypass traditional security perimeters and compromise critical infrastructure.