CVE-2026-16120
CVE-2026-16120 affects nextlevelbuilder GoClaw up to version 3.13.3-beta.3. The vulnerability targets the function matchesAllowlist/extractBin in internal/tools/exec_approval.go, where manipulation can cause an incorrectly-resolved name. The attack can be performed remotely, and public exploitati...