nextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorization_CVE-2026-10616

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.

Basic Information

ID CVE-2026-10616

Source VulDB

Published Jun 2, 2026 at 18:30

Affected Product

Vendor nextlevelbuilder

Product GoClaw

Version 3.11.0

Affected Versions nextlevelbuilder GoClaw 3.11.0
nextlevelbuilder GoClaw 3.11.1
nextlevelbuilder GoClaw 3.11.2
nextlevelbuilder GoClaw 3.11.3

CWE Classification

CWE-862 CWE-863

References

{
    "lastseen": "",
    "description": "A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.",
    "published": "2026-06-02T18:30:09.138Z",
    "modified": "2026-06-02T18:30:09.138Z",
    "type": "cve",
    "title": "nextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367925\nhttps://vuldb.com/vuln/367925/cti\nhttps://vuldb.com/cve/CVE-2026-10616\nhttps://vuldb.com/submit/829420\nhttps://github.com/nextlevelbuilder/goclaw/issues/1133\nhttps://github.com/nextlevelbuilder/goclaw/",
    "id": "CVE-2026-10616",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862",
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "nextlevelbuilder GoClaw 3.11.0\nnextlevelbuilder GoClaw 3.11.1\nnextlevelbuilder GoClaw 3.11.2\nnextlevelbuilder GoClaw 3.11.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GoClaw",
    "version": "3.11.0",
    "vendor": "nextlevelbuilder",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}