GHSA-cmfr-9m2r-xwhq: OpenClaw `node.invoke(browser.proxy)` bypasses `browser.request` persistent profile-mutation guard
Severity: medium
Type: vulnerability
Tags: security
Source: GitHub Advisory Database
Published: April 9, 2026
Summary
OpenClaw, a user-controlled local assistant, had a security flaw in which a call to `node.invoke(browser.proxy)` could bypass the guard that `browser.request` applies and modify persistent browser profiles (stored settings that should not be changed without permission). The vulnerability affected versions up to v2026.04.01.
Solution / Mitigation
Update to patched version `2026.4.8` or later. The fix is available on npm and was verified in commit `d7c3210cd6f5fdfdc1beff4c9541673e814354d5`.
Classification
Attack Sophistication: Moderate
Impact (CIA+S): integrity
AI Component Targeted: API
Affected Vendors
Affected Packages
openclaw < 2026.4.8 (fixed: 2026.4.8)
Original source: https://github.com/advisories/GHSA-cmfr-9m2r-xwhq
First tracked: April 9, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 75%