9 matches found
CVE-2026-42431 OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invokebrowser.proxy that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser configurations...
CVE-2026-42431 OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invokebrowser.proxy that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser configurations...
CVE-2026-42431
OpenClaw contains a vulnerability where node.invoke(browser.proxy) bypasses the browser.request persistent profile‑mutation guard, enabling mutation of persistent browser profiles. Affected software: OpenClaw npm package, prior to 2026.4.8. Root cause: a security bypass path in node.invoke(browse...
GHSA-XP9R-PRPG-373R OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface
Fixed in OpenClaw 2026.3.24, the current shipping release. Title browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q Severity Assessment High CWE: - CWE-863: Incorrect Authorization Proposed CVSS v3.1: - 8.1...
OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface
Fixed in OpenClaw 2026.3.24, the current shipping release. Title browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q Severity Assessment High CWE: - CWE-863: Incorrect Authorization Proposed CVSS v3.1: - 8.1...
Microsoft Yammer - Persistent Profile Vulnerabilities
Document Title: =============== Microsoft Yammer - Persistent Profile Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=978 MSRC ID: 14808 Release Date: ============= 2013-12-11 Vulnerability Laboratory ID VL-ID:...
Microsoft Yammer - Persistent Profile Vulnerabilities
Document Title: =============== Microsoft Yammer - Persistent Profile Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=978 MSRC ID: 14808 Release Date: ============= 2013-12-11 Vulnerability Laboratory ID VL-ID:...
Skype 5.3.x 2.2.x 5.2.x - Persistent Profile Vulnerability
Document Title: =============== Skype 5.3.x 2.2.x 5.2.x - Persistent Profile Vulnerability References: =========== View: http://www.youtube.com/watch?v=eIgb9D-0DWs Download: http://www.vulnerability-lab.com/resources/videos/222.wmv Release Date: ============= 2011-07-14 Vulnerability Laboratory I...
Skype 5.3.x 2.2.x 5.2.x - Persistent Profile Vulnerability
Document Title: =============== Skype 5.3.x 2.2.x 5.2.x - Persistent Profile Vulnerability References: =========== View: http://www.youtube.com/watch?v=eIgb9D-0DWs Download: http://www.vulnerability-lab.com/resources/videos/222.wmv Release Date: ============= 2011-07-14 Vulnerability Laboratory I...