A vulnerability identified as critical has been detected in nextlevelbuilder GoClaw up to 3.11.3 . The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway . This manipulation causes improper privilege management. This vulnerability is registered as CVE-2026-10217 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. The project tagged the reported issue as bug.