Lucene search
+L

90 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-15627

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS0.00246EPSS
Exploits0References7
NVD
NVD
added 4 days ago11 views

CVE-2026-15626

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS0.00294EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 4 days ago3 views

CVE-2026-15627

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43616

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
CVE
CVE
added 4 days ago12 views

CVE-2026-15627

The CVE-2026-15627 vulnerability affects the GoClaw component of nextlevelbuilder up to version 3.13.3-beta.3. It targets the handleNavigate function in pkg/browser/tool.go, where manipulation of the args.targetUrl parameter leads to information disclosure. The issue is exploitable remotely, and ...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
OSV
OSV
added 4 days ago3 views

CVE-2026-15627 nextlevelbuilder GoClaw tool.go handleNavigate information disclosure

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References9
NVD
NVD
added 4 days ago7 views

CVE-2026-15625

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS0.0028EPSS
Exploits0References12
NVD
NVD
added 4 days ago6 views

CVE-2026-15624

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43615

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References7
CVE
CVE
added 4 days ago9 views

CVE-2026-15626

CVE-2026-15626 affects nextlevelbuilder GoClaw 3.13.3-beta.3, specifically the ACP ToolBridge Workspace Handler’s writeFile function in internal/providers/acp/tool_bridge.go. The issue enables path traversal, allowing remote exploitation. Public exploit details exist. Affected product/version and...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References7
OSV
OSV
added 4 days ago3 views

CVE-2026-15626 nextlevelbuilder GoClaw ACP ToolBridge Workspace tool_bridge.go writeFile path traversal

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

5.3CVSS6.3AI score0.00294EPSS
Exploits0References9
CVE
CVE
added 4 days ago8 views

CVE-2026-15625

The vulnerability CVE-2026-15625 affects nextlevelbuilder GoClaw 3.11.3. It targets the function ExecApprovalManager.CheckCommand in internal/tools/exec_approval.go, causing an incomplete blacklist. This enables a remote attack and has a publicly available exploit, with PoC maturity. Impact metri...

6.5CVSS6.4AI score0.0028EPSS
Exploits0References12
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43614

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS6.4AI score0.0028EPSS
Exploits0References12
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-15625 nextlevelbuilder GoClaw exec_approval.go ExecApprovalManager.CheckCommand incomplete blacklist

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS0.0028EPSS
Exploits0References12
OSV
OSV
added 4 days ago2 views

CVE-2026-15625 nextlevelbuilder GoClaw exec_approval.go ExecApprovalManager.CheckCommand incomplete blacklist

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

5.3CVSS6.4AI score0.0028EPSS
Exploits0References14
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43613

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-15624 nextlevelbuilder GoClaw invoke Endpoint create_video_byteplus.go bytePlusDownloadVideo server-side request forgery

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
CVE
CVE
added 4 days ago9 views

CVE-2026-15624

Summary: CVE-2026-15624 affects nextlevelbuilder GoClaw 3.13.3-beta.3. The vulnerability is in the function bytePlusDownloadVideo (internal/tools/create_video_byteplus.go) of the invoke Endpoint. By manipulating the argument output.video_url, an attacker can trigger a server-side request forgery....

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
OSV
OSV
added 4 days ago4 views

CVE-2026-15624 nextlevelbuilder GoClaw invoke Endpoint create_video_byteplus.go bytePlusDownloadVideo server-side request forgery

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

5.3CVSS6.2AI score0.00209EPSS
Exploits0References8
NVD
NVD
added 2026/07/05 6:16 a.m.13 views

CVE-2026-14716

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS0.00228EPSS
Exploits0References6
Rows per page
Query Builder