PT-2026-36210 · Nextlevelbuilder · Goclaw+1

Aisec

Published

2026-04-30

Updated

2026-05-01

CVE-2026-7505

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions nextlevelbuilder GoClaw versions prior to 3.9.0 nextlevelbuilder GoClaw Lite versions prior to 3.9.0

Description A flaw in the RPC Handler component allows for improper authorization. This issue can be triggered remotely through an unknown function within the component.

Recommendations Upgrade to version 3.9.0.

Exploit

Fix

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2026-7505

Affected Products

Goclaw

Goclaw Lite

PT-2026-36210 · Nextlevelbuilder · Goclaw+1

CVE-2026-7505

Weakness Enumeration

Related Identifiers

Affected Products

References · 12