
CVE-2026-7875 — NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling

CVSS 8.8 (High) · EPSS 0.01% · P2

I. Basic Information for CVE-2026-7875

Vulnerability Information


Vulnerability Title
NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling
Source: NVD (National Vulnerability Database)
Vulnerability Description
NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messages_out.id and content.files values or creating symlinked outbox files. Attackers can exploit this vulnerability to trigger host-side reads of arbitrary files and in some cases achieve recursive deletion of paths outside the intended cleanup target.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
Improper restriction of a pathname (path traversal)
Source: NVD (National Vulnerability Database)
Vulnerability Title
nanoclaw Path Traversal Vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
nanoclaw is an open-source lightweight tool from Qwibit.ai for running AI assistants securely in isolated containers. nanoclaw contains a path traversal vulnerability that stems from a host/container filesystem boundary issue in outbound attachment handling and outbox cleanup, which may allow a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messages_out.id and content.files values or by creating symlinked outbox files. An attacker can exploit this vulnerability to trigger arbitrary file reads on the host side and, in some cases, recursively delete paths outside the intended cleanup target.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor: Qwibit
Product: NanoClaw
Affected Versions: 7814e45570edf0024a1a5c2ba9fbc9cb3a49f7f7
CPE: -

II. Public POCs for CVE-2026-7875


III. Intelligence Information for CVE-2026-7875


IV. Related Vulnerabilities

V. Comments for CVE-2026-7875

No comments yet
