A critical vulnerability in Clawdbot, an AI agent that integrates with messaging platforms like Telegram, Slack, and Signal, has been discovered, leaving sensitive user data exposed to attackers. The flaw stems from a misconfiguration in the Clawdbot Control interface, which allowed unauthenticated external access to critical system functions, including root command execution and data manipulation. This issue highlights the growing security risks associated with AI-powered systems.
