PatchSiren

CVE-2026-10219 nextlevelbuilder CVE debrief

A command injection vulnerability exists in nextlevelbuilder GoClaw versions up to 3.11.3, in the FsBridge.WriteFile function in internal/sandbox/fsbridge.go. It is reachable through the write_file tool and lets a remote attacker execute arbitrary operating-system commands on the host running GoClaw. The issue has been publicly disclosed and an exploit is available; a fix pull request exists but has not yet been merged. The vulnerability is rated MEDIUM with a CVSS score of 5.5.

Vendor
nextlevelbuilder
Product
GoClaw
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-01
Original CVE updated
2026-06-01
Advisory published
2026-06-01
Advisory updated
2026-06-01

Who should care

Anyone running GoClaw 3.11.3 or earlier, especially where the write_file tool can be driven by untrusted or semi-trusted input. Security teams that monitor for command injection in Go-based sandbox and file-bridge code. Developers who maintain or deploy GoClaw.

Technical summary

FsBridge.WriteFile in internal/sandbox/fsbridge.go passes input that arrives through the write_file tool into an operating-system command without neutralising shell metacharacters, which is CWE-78 (OS Command Injection); the CNA also tagged CWE-77. The recorded metrics are a network attack vector, low attack complexity, no privileges and no user interaction required, and low impact on each of confidentiality, integrity and availability. This combination does not reproduce a 5.5 score under either CVSS 3.1 or CVSS 4.0, so confirm the vector string from the CVE record before prioritising on the score alone. A public exploit exists, which raises the likelihood of opportunistic exploitation, and the only fix at the time of writing is an unmerged pull request.

Defensive priority

Medium

Recommended defensive actions

  • Inventory GoClaw instances at version 3.11.3 or earlier and restrict who can reach them, in particular any endpoint that exposes the write_file tool; until a fix ships, treat every caller of that tool as able to run commands on the host.
  • Track pull request ref-6 and apply the fix once the maintainer accepts and releases it; if you cannot wait, apply the patch from the pull request to your own build and rebuild.
  • Validate the path and content parameters handed to the sandbox file bridge: no shell involvement, relative paths only, rejection of NUL bytes and of any lexical or symlink escape from the sandbox root.
  • Run the GoClaw process with least privilege (seccomp profile, dropped capabilities, read-only root filesystem, dedicated container). These limit what an injected command can do; they do not remove the injection.
  • Audit for unexpected child processes (for example sh or bash) spawned by the GoClaw service, and for file writes that land outside the expected sandbox directory.
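To make the third action concrete, here is an added example that is not GoClaw's code and does not reproduce the real FsBridge.WriteFile, which the stored evidence does not show. The function names (writeFileViaShell, resolveInSandbox, safeWriteFile), the sandbox layout and the sample inputs are assumptions for illustration. writeFileViaShell shows the CWE-78 shape the advisory describes: path and content are spliced into a sh -c command line. safeWriteFile shows the validation a file bridge needs instead: no shell at all, relative paths only, NUL bytes rejected, lexical and symlink escapes from the root refused, then a plain os.WriteFile.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
)

// ErrOutsideSandbox is returned for any path that would resolve outside the root.
var ErrOutsideSandbox = errors.New("path escapes sandbox root")

// writeFileViaShell is the VULNERABLE shape (hypothetical, not GoClaw's code),
// kept only for contrast. Caller-controlled path and content are spliced into a
// shell command line, so a path such as "x'; id > /tmp/p; echo '" runs `id`.
// Never call this with untrusted input.
func writeFileViaShell(root, relPath, content string) error {
	cmdline := fmt.Sprintf("printf '%%s' '%s' > '%s'", content, filepath.Join(root, relPath))
	return exec.Command("sh", "-c", cmdline).Run()
}

// resolveInSandbox validates relPath and returns the absolute destination under
// root, or an error. No shell is involved, so metacharacters in the name are
// inert; the checks here are purely about staying inside root.
func resolveInSandbox(root, relPath string) (string, error) {
	if relPath == "" || strings.ContainsRune(relPath, 0) {
		return "", errors.New("invalid path")
	}
	if filepath.IsAbs(relPath) {
		return "", ErrOutsideSandbox
	}
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	dest := filepath.Join(absRoot, relPath) // Join cleans ".." lexically only
	rel, err := filepath.Rel(absRoot, dest)
	if err != nil || rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideSandbox
	}
	// Lexical checks do not see symlinks. Resolve the nearest existing ancestor
	// of dest and confirm it is still physically inside the resolved root.
	realRoot, err := filepath.EvalSymlinks(absRoot)
	if err != nil {
		return "", err
	}
	anc := filepath.Dir(dest)
	for {
		if _, err := os.Lstat(anc); err == nil {
			break
		}
		parent := filepath.Dir(anc)
		if parent == anc {
			return "", ErrOutsideSandbox
		}
		anc = parent
	}
	realAnc, err := filepath.EvalSymlinks(anc)
	if err != nil {
		return "", err
	}
	if realAnc != realRoot && !strings.HasPrefix(realAnc, realRoot+string(filepath.Separator)) {
		return "", ErrOutsideSandbox
	}
	return dest, nil
}

// safeWriteFile is the hardened shape: validate, then write with os.WriteFile.
// An existing symlink at dest is refused so the write cannot be redirected.
// (A check-then-use window remains; O_NOFOLLOW or openat2 with RESOLVE_BENEATH
// on Linux closes it, omitted here to keep the example portable.)
func safeWriteFile(root, relPath string, content []byte) error {
	dest, err := resolveInSandbox(root, relPath)
	if err != nil {
		return err
	}
	if err := os.MkdirAll(filepath.Dir(dest), 0o755); err != nil {
		return err
	}
	if fi, err := os.Lstat(dest); err == nil && fi.Mode()&os.ModeSymlink != 0 {
		return ErrOutsideSandbox
	}
	return os.WriteFile(dest, content, 0o644)
}

func main() {
	root, err := os.MkdirTemp("", "sandbox")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	// Constructed inputs: one benign name, two traversal attempts, one shell payload.
	for _, p := range []string{"notes/a.txt", "../escape.txt", "/etc/passwd", "x'; id; echo '"} {
		fmt.Printf("%-20q -> %v\n", p, safeWriteFile(root, p, []byte("hello")))
	}
}
```

Run it with go run: the benign name and the shell-looking name both become ordinary files under the temporary root, while the two traversal attempts return ErrOutsideSandbox. Once no shell sits between the tool and the filesystem, the remaining job is confinement to the sandbox root, not metacharacter filtering.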

Evidence notes

The CVE was published on 2026-06-01. The CNA ([email protected]) assigned CWE-77 and CWE-78. A pull request (ref-6) addressing the issue exists but has not been merged. The CVE description states that an exploit has been made public. The vendor field in the stored evidence is marked unknown with low confidence, derived from reference-domain analysis; the nextlevelbuilder attribution shown above is therefore low-confidence and should be confirmed against the upstream repository before it is relied on.
