MUSCAT : The Information Security Team at the Financial Services Authority (FSA), in collaboration with international organisations specialising in vulnerability disclosure, was able to identify and report three critical security vulnerabilities in the globally used OpenClaw autonomous AI agents system, marking an achievement that reflects the advanced technical capabilities of the Team and its ability to address emerging cybersecurity challenges associated with modern technologies.

The discovered vulnerabilities were officially validated and published through international cybersecurity vulnerability and technical advisory platforms under the following records: CVE-2026-44109, CVE-2026-43527, and CVE-2026-43582. Technical analysis findings indicated that these vulnerabilities could potentially be exploited to compromise targeted systems and devices, including the execution of unauthorised operations or actions. This highlights the advanced security risks associated with autonomous artificial intelligence systems and underscores the importance of strengthening preventive cybersecurity controls related to such technologies.

This achievement comes as part of the FSA Information Security Team’s ongoing efforts to keep pace with rapid technological advancements and to study and analyse emerging security implications associated with AI technologies, contributing to enhanced institutional and national readiness to address future cyber threats and support a safer and more secure digital environment.