CVE-2026-8113

Name of the Vulnerable Software and Affected Versions 8421bit MiniClaw versions prior to e8bd4e17e9428260f2161378356affc5ce90d6ed

Description A path traversal issue exists in the executeSkillScript component within the isPathInside() function of the src/kernel.ts file. This flaw allows a remote attacker to perform a manipulation that leads to unauthorized access to files or directories outside the intended folder.

Recommendations Apply patch e8bd4e17e9428260f2161378356affc5ce90d6ed. As a temporary workaround, restrict the use of the executeSkillScript component or the isPathInside() function until the patch is implemented.