CVE-2026-7505
Published: Thu, 30 Apr 2026 23:16
Summary
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack
Details
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version 3.9.0 mitigates this issue. Patch name: 406022e79f4a18b3070a446712080571eff11e30. You should upgrade the affected component.
Are YOU affected by CVE-2026-7505?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether CVE-2026-7505 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
References
- https://github.com/nextlevelbuilder/goclaw/
- https://github.com/nextlevelbuilder/goclaw/commit/406022e79f4a18b3070a446712080571eff11e30
- https://github.com/nextlevelbuilder/goclaw/issues/866
- https://github.com/nextlevelbuilder/goclaw/pull/950
- https://github.com/nextlevelbuilder/goclaw/releases/tag/v3.9.0
- https://vuldb.com/submit/803458
- https://vuldb.com/vuln/360314
- https://vuldb.com/vuln/360314/cti
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.