CVE-2026-10616

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published Jun 02, 2026

Vendor unknown

Description

A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the component Team Task Completion Handler. Executing a manipulation can lead to missing authorization. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.

References

https://github.com/nextlevelbuilder/goclaw/
https://github.com/nextlevelbuilder/goclaw/issues/1133
https://vuldb.com/cve/CVE-2026-10616
https://vuldb.com/submit/829420
https://vuldb.com/vuln/367925