CVE-2026-42431
Received Received - Intake
Security Bypass in OpenClaw node.invoke Enables Persistent Profile Mutation

Publication date: 2026-04-28

Last updated on: 2026-04-30

Assigner: VulnCheck

Description
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser configurations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-28
Last Modified
2026-04-30
Generated
2026-05-07
AI Q&A
2026-04-28
EPSS Evaluated
2026-05-05
NVD
CVE-2026-42431
EUVD
EUVD-2026-26133
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.4.8 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not specify how CVE-2026-42431 impacts compliance with common standards and regulations such as GDPR or HIPAA.


Can you explain this vulnerability to me?

CVE-2026-42431 is a high-severity security bypass vulnerability in OpenClaw versions before 2026.4.8. It affects the function node.invoke(browser.proxy), which allows attackers to mutate persistent browser profiles by bypassing the browser.request persistent profile-mutation guard.

This means that attackers can circumvent the intended authorization checks and modify browser configurations without proper permission.

The vulnerability is classified under CWE-863 (Incorrect Authorization), indicating that while authorization checks exist, they are not correctly enforced in this case.


How can this vulnerability impact me? :

This vulnerability allows attackers with low privileges and no user interaction to perform unauthorized, high-impact changes to persistent browser profiles.

Such unauthorized modifications can compromise browser configurations, potentially leading to security risks such as altered browser behavior, exposure of sensitive data, or enabling further attacks.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should update OpenClaw to version 2026.4.8 or later, where the security bypass issue in node.invoke(browser.proxy) has been fixed.

This update addresses the incorrect authorization flaw that allowed unauthorized mutation of persistent browser profiles.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart