Vulnerabilities

Report: CVE-2026-8235 - 8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection

2026-05-10 0 views admin

CVE ID :CVE-2026-8235 Published : May 10, 2026, 7:16 a.m. | 35 minutes ago Description :A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is identified as 223c16a1088e138838dcbd18cd65a37c35ac5a84. It is best practice to apply a patch to resolve this issue. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-8235

Severity

MEDIUM

Published

May 10, 2026

Impact: command injection

🏷️ Tags

report8421bitminiclawsystemkernelresolveskillscriptpathcommandinjectioncvecve-2026-8235

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-8235 - 8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-6104 - Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

Report: CVE-2026-8233 - Dotouch XproUPF access control

Report: CVE-2026-8232 - Dotouch XproUPF UPF Process libvlib.so vlib_worker_loop denial of service

Report: - CodeAstro Online Catering Ordering System deleteorder.php sql injection CVE-2026-8231

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting