A vulnerability, which was classified as critical, has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/tool_bridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal.

This vulnerability is tracked as CVE-2026-15626. The attack is possible to be carried out remotely. Moreover, an exploit is present.