Lucene search
K

85 matches found

CVE
CVE
added 15 hours ago9 views

CVE-2026-15626

CVE-2026-15626 affects nextlevelbuilder GoClaw 3.13.3-beta.3, specifically the ACP ToolBridge Workspace Handler’s writeFile function in internal/providers/acp/tool_bridge.go. The issue enables path traversal, allowing remote exploitation. Public exploit details exist. Affected product/version and...

6.5CVSS6.3AI score
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.11 views

CVE-2026-10219

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS6.7AI score0.01336EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/01 5:10 a.m.5 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the FsBridge.WriteFile function. An attacker can execute arbitrary operating system commands by supplying crafted input remotely. Remediation Upgrade github.com/nextlevelbuilder/goclaw/internal/sandbox to version...

7.5CVSS7.7AI score0.01336EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 3:15 a.m.13 views

EUVD-2026-33540

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS6.7AI score0.01336EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/01 3:15 a.m.42 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS0.01336EPSS
Exploits0References7
OSV
OSV
added 2026/06/01 3:15 a.m.2 views

CVE-2026-10219 nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

6.9CVSS5.6AI score0.01336EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.22 views

PT-2026-45251

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component write file Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely...

7.5CVSS6.7AI score0.01336EPSS
Exploits0References8
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/04 12:0 a.m.222 views

apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root

A crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same or later archive could traverse that symlink to reach host paths the build user could write to. The root cause was the sanitizePath...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/03/31 12:31 p.m.2 views

GHSA-XXJ4-96PH-G6J6 Duplicate Advisory: OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xvx8-77m6-gwg6. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step tha...

6.3CVSS5.8AI score0.00078EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/31 12:31 p.m.8 views

Duplicate Advisory: OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xvx8-77m6-gwg6. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step tha...

6.3CVSS5.8AI score0.00078EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/03/31 12:16 p.m.15 views

CVE-2026-32977

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

6.3CVSS0.00078EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/31 11:17 a.m.2 views

CVE-2026-32977 OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unanchored writeFile Commit Path

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/31 11:17 a.m.6 views

CVE-2026-32977

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References3
CVE
CVE
added 2026/03/31 11:17 a.m.15 views

CVE-2026-32977

CVE-2026-32977 : OpenClaw before 2026.3.11 contains a sandbox boundary bypass in the fs-bridge writeFile commit step that uses an unanchored container path during the final move. A time-of-check–time-of-use race allows an attacker to modify parent paths inside the sandbox to redirect committed fi...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/31 11:17 a.m.24 views

CVE-2026-32977 OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unanchored writeFile Commit Path

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

6.3CVSS0.00078EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.8 views

PT-2026-29233

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32713

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

6.5CVSS5.8AI score0.00387EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/13 3:47 p.m.4 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the writeFile commit path. An attacker can cause files to be written outside the intended sandbox path by exploiting a race conditi...

6.3CVSS5.8AI score0.00078EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 3:47 p.m.2 views

GHSA-XVX8-77M6-GWG6 OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Summary In affected versions of openclaw, the sandbox fs-bridge writeFile commit step used an unanchored container path during the final move into place. An attacker racing parent-path changes inside the sandbox could redirect the committed file outside the validated sandbox path. Impact This is ...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/13 3:47 p.m.10 views

OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Summary In affected versions of openclaw, the sandbox fs-bridge writeFile commit step used an unanchored container path during the final move into place. An attacker racing parent-path changes inside the sandbox could redirect the committed file outside the validated sandbox path. Impact This is ...

6.3CVSS5.9AI score0.00078EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder