Description
A vulnerability was detected in mosaxiv clawlet up to 0.2.10. This impacts the function read_file/write_file/edit_file of the file tools/fs_ops.go of the component File Tools. Performing a manipulation results in link following. The attack needs to be approached locally. The reported GitHub issue was closed with the label "not planned".
Problem types
Product status
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.2.8
0.2.9
0.2.10
Timeline
| 2026-07-13: | Advisory disclosed |
| 2026-07-13: | VulDB entry created |
| 2026-07-13: | VulDB entry last update |
Credits
Eric-b (VulDB User)
VulDB CNA Team
References
github.com/mosaxiv/clawlet/issues/15
vuldb.com/vuln/378124 (VDB-378124 | mosaxiv clawlet File Tools fs_ops.go edit_file link following)
vuldb.com/vuln/378124/cti (VDB-378124 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15621 (CVE-2026-15621 | CVE Analysis and Report)
vuldb.com/submit/855796 (Submit #855796 | mosaxiv clawlet 0.2.10 Improper Link Resolution Before File Access (CWE-59))
github.com/mosaxiv/clawlet/issues/15
github.com/mosaxiv/clawlet/