CVE-2026-10617 | nextlevelbuilder GoClaw up to 3.11.3 Webhook Verification internal/http/auth.go resolveAuth missing authentication (Issue 1134)

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. It has been classified as critical. This affects the function resolveAuth of the file internal/http/auth.go of the component Webhook Verification Handler. The manipulation leads to missing authentication.

This vulnerability is referenced as CVE-2026-10617. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project tagged the reported issue as bug.

CVE-2026-10617 | nextlevelbuilder GoClaw up to 3.11.3 Webhook Verification internal/http/auth.go resolveAuth missing authentication (Issue 1134)

Post correlati

CVE-2024-2908 | Call Now Button Plugin up to 1.4.6 on WordPress Setting cross site scripting

CVE-2024-43963 | WaspThemes YellowPencil Visual CSS Style Editor Plugin up to 7.6.1 on WordPress cross site scripting

CVE-2025-11477 | SourceCodester Wedding Reservation Management System 1.0 /global.php User sql injection

CVE-2025-5380 | ashinigit 天青一白 XueShengZhuSu 学生住宿管理系统 up to 4d3f0ada0e71482c1e51fd5f5615e5a3d8bcbfbb Image File Upload /upload/ path traversal (IC9VZD)