A vulnerability labeled as critical has been found in nextlevelbuilder GoClaw up to 3.11.3 . This affects the function auth of the file internal/http/evolution_handlers.go . Such manipulation leads to improper authorization. This vulnerability is documented as CVE-2026-10218 . The attack can be executed remotely. Additionally, an exploit exists. The project tagged the reported issue as bug.