PatchSiren

nextlevelbuilder CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW nextlevelbuilder CVE published 2026-07-14

CVE-2026-15627

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The exploit is publicly available and might be used. The vulnerability class is related to information disclosure, and [truncated]

LOW nextlevelbuilder CVE published 2026-07-14

CVE-2026-15626

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/tool_bridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out remotely.

LOW nextlevelbuilder CVE published 2026-07-14

CVE-2026-15625

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3, affecting the function ExecApprovalManager.CheckCommand in internal/tools/exec_approval.go. The issue involves an incomplete blacklist, allowing for remote attacks. Users should review and apply patches to mitigate this vulnerability. The attack can be executed remotely. Evidence is limited to CVE and NVD details. Defenders should verify affecte [truncated]

LOW nextlevelbuilder CVE published 2026-07-14

CVE-2026-15624

A server-side request forgery vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. The vulnerability affects the function bytePlusDownloadVideo in the file internal/tools/create_video_byteplus.go. The manipulation of the argument output.video_url can lead to server-side request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be [truncated]

MEDIUM nextlevelbuilder CVE published 2026-06-01

CVE-2026-10219

A command injection vulnerability exists in nextlevelbuilder GoClaw versions up to 3.11.3, specifically within the FsBridge.WriteFile function in internal/sandbox/fsbridge.go. The vulnerability is reachable through the write_file tool and allows remote attackers to execute arbitrary operating system commands. The issue has been publicly disclosed with an available exploit, and a fix pull request is pendin [truncated]

LOW nextlevelbuilder CVE published 2026-06-01

CVE-2026-10218

A low-severity improper authorization vulnerability in nextlevelbuilder GoClaw affects the auth function in internal/http/evolution_handlers.go through version 3.11.3. The vulnerability allows remote attackers to bypass authorization controls. The issue has been publicly disclosed and tagged as a bug by the project maintainers. The CVSS 4.0 vector indicates network attack vector with low attack complexity [truncated]