A vulnerability categorized as critical has been discovered in mosaxiv clawlet up to 0.2.10. The affected element is the function guardExecCommand of the file tools/tool_exec.go of the component exec Safety Guard. The manipulation results in protection mechanism failure.

This vulnerability is known as CVE-2026-15618. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The reported GitHub issue was closed with the label “not planned”.