diff --git a/CHANGELOG.md b/CHANGELOG.md index fad8a3b..4a828c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ --- +## [v0.50.12] Profile .env isolation — prevent API key leakage on profile switch (fixes #351) + +- **API keys no longer leak between profiles on switch** (`api/profiles.py`): `_reload_dotenv()` now tracks which env vars were loaded from the active profile's `.env` and clears them before loading the next profile. Previously, switching from a profile with `OPENAI_API_KEY=X` to a profile without that key left `X` in `os.environ` for the duration of the process — effectively leaking credentials across the profile boundary. A module-level `_loaded_profile_env_keys: set[str]` tracks loaded keys; it is cleared and repopulated on every `_reload_dotenv()` call. +- **`apply_onboarding_setup()` ordering fixed** (`api/onboarding.py`): the belt-and-braces `os.environ[key] = api_key` direct assignment is now placed **after** `_reload_dotenv()`. Previously the key was wiped by the isolation cleanup when `_reload_dotenv()` ran immediately after the direct set. + - 2 new tests in `tests/test_profile_env_isolation.py`; 815 tests total (up from 813) + ## [v0.50.11] Chat table styles + plain URL auto-linking (fixes #341, #342) - **Tables in chat messages now render with visible borders** (`static/style.css`): The `.msg-body` area had no table CSS, so markdown tables sent by the assistant were unstyled and unreadable. Four new rules mirror the existing `.preview-md` table styles: `border-collapse:collapse`, per-cell padding and borders via `var(--border2)`, and an alternating-row tint. Two `:root[data-theme="light"]` overrides ensure the borders and header background adapt correctly in light mode. (fixes #341) diff --git a/static/index.html b/static/index.html index cf7e8cf..fdd42c9 100644 --- a/static/index.html +++ b/static/index.html @@ -526,7 +526,7 @@
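Review bot: In the second bullet of the v0.50.12 entry, the `os.environ[key] = api_key` assignment is described as moving after `_reload_dotenv()`, but the entry does not say whether that key is also added to `_loaded_profile_env_keys`. If it is not, and the key was not also loaded from the profile's `.env`, the cleanup described in the first bullet would not clear it on the next profile switch, which is the cross-profile leak this release is meant to close. Suggest confirming in `api/onboarding.py` that the directly assigned key is tracked, and saying so in the entry. The entry lists 2 new tests without saying what they cover; a case for onboarding followed by a profile switch would be worth naming here. Style: the added "2 new tests" line begins with a space before the dash, while the other two added bullets start at column 0.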