nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management_CVE-2026-10217

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug.

Basic Information

ID CVE-2026-10217

Source VulDB

Published Jun 1, 2026 at 02:45

Affected Product

Vendor nextlevelbuilder

Product GoClaw

Version 3.11.0

Affected Versions nextlevelbuilder GoClaw 3.11.0
nextlevelbuilder GoClaw 3.11.1
nextlevelbuilder GoClaw 3.11.2
nextlevelbuilder GoClaw 3.11.3

CWE Classification

CWE-269 CWE-266

References

{
    "lastseen": "",
    "description": "A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug.",
    "published": "2026-06-01T02:45:09.177Z",
    "modified": "2026-06-01T02:45:09.177Z",
    "type": "cve",
    "title": "nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367496\nhttps://vuldb.com/vuln/367496/cti\nhttps://vuldb.com/cve/CVE-2026-10217\nhttps://vuldb.com/submit/821937\nhttps://github.com/nextlevelbuilder/goclaw/issues/1118\nhttps://github.com/nextlevelbuilder/goclaw/",
    "id": "CVE-2026-10217",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "nextlevelbuilder GoClaw 3.11.0\nnextlevelbuilder GoClaw 3.11.1\nnextlevelbuilder GoClaw 3.11.2\nnextlevelbuilder GoClaw 3.11.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GoClaw",
    "version": "3.11.0",
    "vendor": "nextlevelbuilder",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}