8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection_CVE-2026-8235

5.1 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is identified as 223c16a1088e138838dcbd18cd65a37c35ac5a84. It is best practice to apply a patch to resolve this issue.

Basic Information

ID CVE-2026-8235

Source VulDB

Published May 10, 2026 at 06:15

Affected Product

Vendor 8421bit

Product MiniClaw

Version 0.8.0

Affected Versions 8421bit MiniClaw 0.8.0
8421bit MiniClaw 0.9.0

CWE Classification

CWE-78 CWE-77

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is identified as 223c16a1088e138838dcbd18cd65a37c35ac5a84. It is best practice to apply a patch to resolve this issue.",
    "published": "2026-05-10T06:15:10.898Z",
    "modified": "2026-05-10T06:15:10.898Z",
    "type": "cve",
    "title": "8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/362455\nhttps://vuldb.com/vuln/362455/cti\nhttps://vuldb.com/submit/809001\nhttps://github.com/8421bit/MiniClaw/issues/6\nhttps://github.com/8421bit/MiniClaw/pull/7\nhttps://github.com/8421bit/MiniClaw/issues/6#issue-4290453729\nhttps://github.com/8421bit/MiniClaw/commit/223c16a1088e138838dcbd18cd65a37c35ac5a84\nhttps://github.com/8421bit/MiniClaw/",
    "id": "CVE-2026-8235",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "8421bit MiniClaw 0.8.0\n8421bit MiniClaw 0.9.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MiniClaw",
    "version": "0.8.0",
    "vendor": "8421bit",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}