A vulnerability marked as critical has been reported in mosaxiv clawlet up to 0.2.10. This impacts the function read_file/write_file/edit_file of the file tools/fs_ops.go of the component File Tools. Performing a manipulation results in link following.

This vulnerability was named CVE-2026-15621. The attack needs to be approached locally. There is no available exploit.

The reported GitHub issue was closed with the label “not planned”.