CVE-2026-16123
MEDIUM
NVD
CVSS Score
6.3
Severity
MEDIUM
Published
Jul 18, 2026
Vendor
unknown
Description
A weakness has been identified in nextlevelbuilder GoClaw up to 3.13.2. Affected by this issue is the function ToolsInvokeHandler.ServeHTTP of the file internal/http/tools_invoke.go of the component Invoke Endpoint. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.