Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sat, 18 Jul 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This impacts the function matchesAllowlist/extractBin of the file internal/tools/exec_approval.go. Executing a manipulation can lead to incorrectly-resolved name. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |
| Title | nextlevelbuilder GoClaw exec_approval.go extractBin name resolution | |
| First Time appeared |
Nextlevelbuilder
Nextlevelbuilder goclaw |
|
| Weaknesses | CWE-706 | |
| CPEs | cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Nextlevelbuilder
Nextlevelbuilder goclaw |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-18T13:30:10.481Z
Reserved: 2026-07-17T15:56:49.001Z
Link: CVE-2026-16120
No data.
No data.
No data.
OpenCVE Enrichment
No data.