CVE-2026-10218

EUVD-2026-33539
A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project tagged the reported issue as bug.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Common Weakness Enumeration
References
https://github.com/nextlevelbuilder/goclaw/
https://github.com/nextlevelbuilder/goclaw/issues/1120
https://vuldb.com/cve/CVE-2026-10218
https://vuldb.com/submit/821938
https://vuldb.com/vuln/367497
https://vuldb.com/vuln/367497/cti