CVE-2026-10217
6.3 MEDIUMA flaw has been found in nextlevelbuilder GoClaw up to 3.11.3
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-266, CWE-269
Description
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-10217
- [Other]https://github.com/nextlevelbuilder/goclaw/
- [Other]https://github.com/nextlevelbuilder/goclaw/issues/1118
- [Other]https://vuldb.com/cve/CVE-2026-10217
- [Other]https://vuldb.com/submit/821937
- [Other]https://vuldb.com/vuln/367496
- [Other]https://vuldb.com/vuln/367496/cti
Related CVEs
Same CWE
- CVE-2026-12217 — A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5 (7.8 HIGH)
- CVE-2026-12213 — A vulnerability was found in hcengineering Huly Platform up to 0.7.0 (4.3 MEDIUM)
- CVE-2026-12212 — A vulnerability has been found in hcengineering Huly Platform up to 0.7.0 (4.3 MEDIUM)
- CVE-2026-12201 — A flaw has been found in IObit Malware Fighter up to 13.2.0 (5.3 MEDIUM)
- CVE-2026-46716 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (9.9 CRITICAL)