CVE-2026-16204
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function tool_run_script_execute of the file claw/servic
CVSS
6.3
Medio
EPSS
—
KEV
—
Exploit Today
—
0-100
Publicado: 19 jul 2026 · Última mod.: 19 jul 2026 · CWE-74 · CWE-94
Sin historial EPSS suficiente todavía.
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function tool_run_script_execute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.