nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization_CVE-2026-10218

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project tagged the reported issue as bug.

Basic Information

ID CVE-2026-10218

Source VulDB

Published Jun 1, 2026 at 03:00

Affected Product

Vendor nextlevelbuilder

Product GoClaw

Version 3.11.0

Affected Versions nextlevelbuilder GoClaw 3.11.0
nextlevelbuilder GoClaw 3.11.1
nextlevelbuilder GoClaw 3.11.2
nextlevelbuilder GoClaw 3.11.3

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project tagged the reported issue as bug.",
    "published": "2026-06-01T03:00:12.820Z",
    "modified": "2026-06-01T03:00:12.820Z",
    "type": "cve",
    "title": "nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367497\nhttps://vuldb.com/vuln/367497/cti\nhttps://vuldb.com/cve/CVE-2026-10218\nhttps://vuldb.com/submit/821938\nhttps://github.com/nextlevelbuilder/goclaw/issues/1120\nhttps://github.com/nextlevelbuilder/goclaw/",
    "id": "CVE-2026-10218",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "nextlevelbuilder GoClaw 3.11.0\nnextlevelbuilder GoClaw 3.11.1\nnextlevelbuilder GoClaw 3.11.2\nnextlevelbuilder GoClaw 3.11.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GoClaw",
    "version": "3.11.0",
    "vendor": "nextlevelbuilder",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}