41 matches found
GHSA-QCJ9-WWGW-6GM8 OpenClaw: Workspace `.env` can override the bundled plugin trust root
Summary Workspace .env can override the bundled plugin trust root Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: v2026.3.28 still lets workspace .env override OPENCLAWBUNDLEDPLUGINSDIR, but critical is too high because exploitation still depends on...
OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code
Summary Workspace .env can override the bundled hooks root and load attacker hook code Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: v2026.3.28 still lets workspace .env override OPENCLAWBUNDLEDHOOKSDIR, which can replace trusted default-on bundled hooks from ...
CVE-2026-33881
Windmill CVE-2026-33881 affects the NativeTS executor in Windmill’s workspace environment. The flaw arises because workspace environment variable values are interpolated into JavaScript string literals without escaping single quotes, allowing a workspace admin to inject arbitrary JavaScript that ...
CVE-2026-33881 Windmill: Rogue Workspace Admins can inject code via unescaped workspace environment variable interpolation in NativeTS executor
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals without escaping single quotes in the NativeTS executor. A workspace admin who sets a custom environmen...
CVE-2025-66411
Summary of CVE-2025-66411 (Coder) Coder prior to versions 2.26.5, 2.27.7, and 2.28.4 logs Workspace Agent manifests containing sensitive values in plaintext. This could allow an attacker with limited local access to a Coder Workspace (VM, Kubernetes Pod, etc.) or a connected logging system (e.g.,...
Unable to login to WEM Web Console
When Login to Workspace Environment Management Web Console get the message "The user name or password is incorrect. Try again."...
Citrix Virtual Apps and Desktop Profile Management (UPM, WEM)
Citrix Profile Management Introduction Profile Management is intended as a profile solution for Citrix Virtual Apps servers, virtual desktops created with Citrix Virtual Desktops, and physical desktops. You install Profile Management on each computer whose profiles you want to manage. Active...
There is no LTSR version of WEM
This article describes whether there is Long Term Service Release LTSR version of Workspace Environment Management WEM...
Unable to import GPO into Workspace Environment Management service - Invalid Zip file
When trying to import a GPO into WEM console in Citrix Cloud Web console, users get an error stating "Invalid ZIP file. Replace your file and try again"...
How to specify command line parameters when distributing a WEM application
To deploy applications via Workspace Environment management with additional command line parameters...
How to Add process Management black/White list on WEM
...
How to Troubleshoot Workspace Environment Management (WEM) Database Migration to Citrix Cloud
The October 2018 release of the Workspace Environment Management service included the Citrix WEM Migration Tool. The purpose of this tool is to allow customers to migrate their on-premise WEM deployment database to the Workspace Environment Management service in Citrix Cloud. Note: Before using...
How to properly bind WEM agent machines with WEM broker server on a first time setup
This article explains how to properly bind the WEM agent machines to the WEM broker server on a first time setup of the Citrix Workspace Environment Management product...
A valid license server with appropriate licenses needs to be configured before you can start using Citrix Workspace Environment Management
Error "A valid license server with appropriate licenses needs to be configured before you can start using Citrix Workspace Environment Management" whiletrying to launch WEM console...
Windows 10 October 2018 Update (v1809) – Citrix Known Issues
Microsoft releases software updates for Windows 10 twice a year through the Semi-Annual Channel. On 2nd October2018, Microsoft released its latest Semi-Annual Channel release for Windows 10 called 'October 2018 Update' v1809. This article is intended to capture known issues with Windows 10...
Application Security rules might not be enforced properly when multiple users simultaneously log on to the same server OS machine
When multiple session support is enabled on a Windows server OS machine, Workspace Environment Management WEM application security rules of previously logged on users are replaced by rules of a more recently logged on user. For example, if a rule is assigned to user1 but not to user2, when user2...
Configure Citrix Profile Management through WEM
Instruct engineers in how to configure citrix profile management through WEM...
WEM Console Access error: "You are not registered as a Workspace Environment Management Administrator. Therefore, you are not allowed to access the service..."
When attempting to connect to the WEM site using the WEM Admin console, the following message appears: "You are not registered as a Workspace Environment Management Administrator. Therefore, you are not allowed to access the service. Please contact your Workspace Environment Management...
How to Enable Debug Logging on Workspace Environment Management Agent manually, if no connectivity to Broker exists
The Workstation Environment Management Agent and related service feature an optional debug level of logging.This additional level of logging is significantly more verbose than the standard logging levels and is disabled by default and only enabled to troubleshoot specific issues. Under normal...
Error: "Error while changing IO Priority to High for Process" for Processes Related to Antivirus Software
The Windows Event Log on a machine running Workspace Environment Management may contain many events from the WEM Agent Service. These events all relate to processes for Antivirus software installed on the device...