๐Ÿ” CVE Alert

CVE-2026-15627

MEDIUM 4.3

nextlevelbuilder GoClaw tool.go handleNavigate information disclosure

CVSS Score
4.3
EPSS Score
0.2%
EPSS Percentile
16th

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The exploit is publicly available and might be used.

CWE CWE-200 CWE-284
Vendor nextlevelbuilder
Product goclaw
Published Jul 14, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for nextlevelbuilder goclaw

Be the first to know when new medium vulnerabilities affecting nextlevelbuilder goclaw are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

nextlevelbuilder / GoClaw
3.13.3-beta.0 3.13.3-beta.1 3.13.3-beta.2 3.13.3-beta.3

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/378129 vuldb.com: https://vuldb.com/vuln/378129/cti vuldb.com: https://vuldb.com/cve/CVE-2026-15627 vuldb.com: https://vuldb.com/submit/855847 github.com: https://github.com/nextlevelbuilder/goclaw/issues/1207 github.com: https://github.com/nextlevelbuilder/goclaw/issues/1207#issuecomment-4760370546 github.com: https://github.com/nextlevelbuilder/goclaw/

Credits

๐Ÿ” Eric-e (VulDB User)