CVE ID :CVE-2026-32972 Published : March 29, 2026, 1:17 p.m. | 1 hour, 33 minutes ago Description :OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated operators with only operator.write permission to access admin-only browser profile management routes through browser.request. Attackers can create or modify browser profiles and persist attacker-controlled remote CDP endpoints to disk without holding operator.admin privileges. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...