OpenClaw prior to version 2026.3.22 contains an access control flaw in its allowProfiles feature that permits an attacker to skirt profile restrictions by mutating browser proxy profiles during runtime. The flaw enables unauthorized users to gain access to profiles intended to be protected, potentially exposing sensitive information or permitting further manipulation of application state. This weakness falls under CWE‑472, which denotes improper access control.

The vulnerability affects installations of OpenClaw that are running any release before 2026.3.22. The issue is tied to the allowProfiles function, which is part of the core configuration of the OpenClaw server. Users operating older OpenClaw versions without the patch are therefore exposed to the risk of bypassing authorization controls.

The CVSS score of 7.6 indicates a high severity level, while the EPSS score of less than 1% suggests that the likelihood of real‑world exploitation is currently very low but not impossible. The vulnerability is not listed in the CISA KEV catalog, so no known large‑scale exploit activity has been reported. Attackers would need to convince a user to load malicious proxy profile data or otherwise gain control of the application’s profile handling logic; the description implies that the exploitation path requires remote interaction via the browser, so it is primarily a remote attack vector.