Cybersecurity firm Cyera has discovered four vulnerabilities in the OpenClaw AI assistant that can be chained together to allow attackers to escape the sandbox and plant backdoors on the host system. The so-called Claw Chain attack exploits race conditions and access control flaws to let attackers leak credentials, escalate privileges, and gain persistent control, with over 60,000 publicly accessible OpenClaw instances potentially at risk. The vulnerabilities were reported to OpenClaw's maintainers on April 22nd and patched the following day, but the incident highlights how multiple smaller security weaknesses in AI agents can be combined to achieve full system compromise.