Detections
Analytics

CVE-2026-10217

medium

Description

A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug.

References

https://vuldb.com/vuln/367496/cti

https://vuldb.com/vuln/367496

https://vuldb.com/submit/821937

https://vuldb.com/cve/CVE-2026-10217

https://github.com/nextlevelbuilder/goclaw/issues/1118

https://github.com/nextlevelbuilder/goclaw/

Details

Source: Mitre, NVD

Published: 2026-06-01

Updated: 2026-06-01

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Severity: Medium

CVSS v4

Base Score: 5.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium