5 matches found
CVE-2026-16120
A vulnerability was determined in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This impacts the function matchesAllowlist/extractBin of the file internal/tools/execapproval.go. Executing a manipulation can lead to incorrectly-resolved name. The attack may be performed from remote. The exploit has...
CVE-2026-15627
A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...
CVE-2026-10617 nextlevelbuilder GoClaw Webhook Verification auth.go resolveAuth missing authentication
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component Webhook Verification Handler. The manipulation leads to missing authentication. Remote exploitation of the attack is possibl...
PT-2026-45820
Name of the Vulnerable Software and Affected Versions GoClaw versions prior to 3.11.4 Description A weakness in the Team Task Completion Handler component allows for missing authorization. This issue occurs within the TeamTasksTool.executeComplete function located in the internal/tools/team tasks...
EUVD-2026-33538
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/ttsconfig.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The...