CVE-2026-8235

CVSS v3.1

5.5

Medium

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is identified as 223c16a1088e138838dcbd18cd65a37c35ac5a84. It is best practice to apply a patch to resolve this issue.

Exploit

Fix

OS Command Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78CWE-77

Related Identifiers

CVE-2026-8235

Affected Products

Miniclaw

CVE-2026-8235

Weakness Enumeration

Related Identifiers

Affected Products

References · 9