Lucene search
K

5 matches found

NVD
NVD
added 2026/04/10 5:17 p.m.8 views

CVE-2026-35653

OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the...

8.1CVSS0.006EPSS
Exploits1References4
CVE
CVE
added 2026/04/10 4:3 p.m.10 views

CVE-2026-35653

OpenClaw prior to 2026.3.24 contains an incorrect authorization flaw in POST /reset-profile. Authenticated callers with operator.write access to browser.request can bypass profile mutation restrictions, potentially stopping the running browser, closing Playwright connections, and moving profile d...

8.1CVSS5.8AI score0.006EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.6 views

CVE-2026-35653

OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the...

8.1CVSS5.8AI score0.006EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.24 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the POST /reset-profile endpoint, which could allow callers with the...

8.1CVSS5.8AI score0.006EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.9 views

PT-2026-31964

OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the...

8.1CVSS5.8AI score0.006EPSS
Exploits1References5
Rows per page
Query Builder