Lucene search
K

78 matches found

NVD
NVD
added yesterday7 views

CVE-2026-15627

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS0.00246EPSS
Exploits0References7
NVD
NVD
added yesterday8 views

CVE-2026-15626

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS0.00294EPSS
Exploits0References7
CVE
CVE
added yesterday8 views

CVE-2026-15627

The CVE-2026-15627 vulnerability affects the GoClaw component of nextlevelbuilder up to version 3.13.3-beta.3. It targets the handleNavigate function in pkg/browser/tool.go, where manipulation of the args.targetUrl parameter leads to information disclosure. The issue is exploitable remotely, and ...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
EUVD
EUVD
added yesterday5 views

EUVD-2026-43616

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
NVD
NVD
added yesterday5 views

CVE-2026-15624

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
NVD
NVD
added yesterday7 views

CVE-2026-15625

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS0.0028EPSS
Exploits0References12
CVE
CVE
added yesterday9 views

CVE-2026-15626

CVE-2026-15626 affects nextlevelbuilder GoClaw 3.13.3-beta.3, specifically the ACP ToolBridge Workspace Handler’s writeFile function in internal/providers/acp/tool_bridge.go. The issue enables path traversal, allowing remote exploitation. Public exploit details exist. Affected product/version and...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References7
EUVD
EUVD
added yesterday5 views

EUVD-2026-43615

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References7
CVE
CVE
added yesterday7 views

CVE-2026-15625

The vulnerability CVE-2026-15625 affects nextlevelbuilder GoClaw 3.11.3. It targets the function ExecApprovalManager.CheckCommand in internal/tools/exec_approval.go, causing an incomplete blacklist. This enables a remote attack and has a publicly available exploit, with PoC maturity. Impact metri...

6.5CVSS6.4AI score0.0028EPSS
Exploits0References12
Cvelist
Cvelist
added yesterday11 views

CVE-2026-15625 nextlevelbuilder GoClaw exec_approval.go ExecApprovalManager.CheckCommand incomplete blacklist

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS0.0028EPSS
Exploits0References12
EUVD
EUVD
added yesterday5 views

EUVD-2026-43614

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS6.4AI score0.0028EPSS
Exploits0References12
CVE
CVE
added yesterday8 views

CVE-2026-15624

Summary: CVE-2026-15624 affects nextlevelbuilder GoClaw 3.13.3-beta.3. The vulnerability is in the function bytePlusDownloadVideo (internal/tools/create_video_byteplus.go) of the invoke Endpoint. By manipulating the argument output.video_url, an attacker can trigger a server-side request forgery....

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-43613

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 6:16 a.m.12 views

CVE-2026-14716

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS0.00228EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 5:45 a.m.9 views

CVE-2026-14716

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 5:45 a.m.10 views

EUVD-2026-41730

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 5:45 a.m.21 views

CVE-2026-14716

CVE-2026-14716 affects nextlevelbuilder GoClaw up to version 3.13.0-beta.2. The vulnerability is in MethodRouter.Handle (internal/gateway/router.go) of the WebSocket RPC Handler, where an input manipulation can bypass authorization. It is a remote-risk scenario with a publicly disclosed exploit. ...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 5:45 a.m.40 views

CVE-2026-14716 nextlevelbuilder GoClaw WebSocket RPC router.go MethodRouter.Handle authorization

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS0.00228EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.9 views

PT-2026-55770

Name of the Vulnerable Software and Affected Versions nextlevelbuilder GoClaw versions prior to 3.13.0-beta.3 Description An issue exists in the WebSocket RPC Handler component within the MethodRouter.Handle function of the internal/gateway/router.go file. This flaw allows for remote manipulation...

6.5CVSS6.6AI score0.00228EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10583

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/ttsconfig.go of the component TTS Configuration Endpoint. The manipulation leads to server-side request forgery. It is possible to initiate t...

5.8CVSS5.1AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder