NanoClaw before 2.1.17 contains a symlink following...
Moderate severity
Unreviewed
Published
Jun 23, 2026
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Jun 23, 2026
Published to the GitHub Advisory Database
Jun 23, 2026
NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment filenames using only isSafeAttachmentName before copying with fs.copyFileSync, which follows symlinks without containment checks, allowing malicious agents to disclose arbitrary host files.
References