ГлавнаяУязвимости → CVE-2026-32232
9.8критическая

CVE-2026-32232

Описание

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6.

Затрагиваемое ПО
Aisarlabs Zeptoclaw
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/qhkm/zeptoclaw/commit/f50c17e11ae3e2d40c96730abac41974ef2ee2a8https://github.com/qhkm/zeptoclaw/security/advisories/GHSA-2m67-cxxq-c3h8