All 2 CVE vulnerabilities found in zeptoclaw, with AI-generated Chinese analysis, references, and POCs.
Vendor: qhkm
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32232 | ZeptoClaw: Path boundary checks bypass via symlink, TOCTOU, and hardlink CWE-22 | 6.8AI | MediumAI | 2026-03-12 |
| CVE-2026-32231 | ZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload data CWE-306 | 8.2 | High | 2026-03-12 |
All 2 known CVE vulnerabilities affecting zeptoclaw with full Chinese analysis, references, and POCs where available.