Back to overview

CVE-2026-15618

MEDIUM
6.3
CVSS 3.1
Description
A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. The affected element is the function guardExecCommand of the file tools/tool_exec.go of the component exec Safety Guard. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed with the label "not planned".

Metadata

CVE ID
CVE-2026-15618
State
PUBLISHED
Assigner
VulDB
Reserved
2026-07-13 16:57 UTC
Published
2026-07-13 23:45 UTC
Last updated
2026-07-13 23:45 UTC
Primary CWE
CWE-693
Protection Mechanism Failure
Vendor / Product
mosaxiv / clawlet
Sources
cve.org  ·  NVD

Severity & Metrics

6.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Affected products (1)
VendorProductPlatformVersions
mosaxiv clawlet 0.2.0, 0.2.1, 0.2.2, 0.2.3 …
Weakness (CWE)
CWESourceDescription
CWE-693 cna Protection Mechanism Failure
CVSS scores (4)
ScoreSeverityVersionSourceVector
7.5 N/D 2.0 cna AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
6.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
6.3 MEDIUM 3.0 cna CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
5.3 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
References (6)
Back to overview