A high-severity authentication bypass vulnerability has been discovered in ClawDBot, a popular npm package, enabling attackers to achieve remote code execution through a single malicious link. The flaw stems from insufficient validation of the gateway URL parameter, combined with automatic connection behavior that exposes authentication tokens to unauthorized actors. Vulnerability Overview The vulnerability, identified as […] The post Critical 1-Click Clawdbot Vulnerability Allows Malicious RCE Exploitation appeared first on Cyber Security News.