CVE Catalog

CVE-2026-9452

High
Published: Translated: NVD NIST

Summary

A vulnerability has been detected in FoundDream miniclawd affecting the ExecTool.execute function in the /src/tools/exec.ts file. Manipulation of this function leads to OS command injection, which can be exploited remotely.

Risk Assessment

An attacker can remotely exploit this vulnerability to execute unauthorized commands on the server, posing a serious security threat.

Recommendation

It is recommended to immediately update the software or implement appropriate security measures to mitigate the risk of an attack.

Original NVD description (English source)

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The project was informed of the problem early through an issue report but has not responded yet.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS