CVE-2026-10583

Published
View on NVD ↗
CVSS v3
4.7
MEDIUM
CVSS v2
5.8
MEDIUM
Affected
2
PROJECTS

Description

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/tts_config.go of the component TTS Configuration Endpoint. The manipulation leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug.

nextlevelbuilder/goclaw
nextlevelbuilder/goclaw
GoClaw - GoClaw is OpenClaw rebuilt in Go — with multi-tenant isolation, 5-layer security, and native concurrency. Deploy AI agent teams at scale without compromising on safety.
GitHubGitHub
3.33K
digitopvn/goclaw
digitopvn/goclaw
GoClaw - GoClaw is OpenClaw rebuilt in Go — with multi-tenant isolation, 5-layer security, and native concurrency. Deploy AI agent teams at scale without compromising on safety.
GitHubGitHub
2