CVE-2026-56692
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
NanoClaw before version 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment filenames using only isSafeAttachmentName, which allows malicious agents to disclose arbitrary host files.
Risk Assessment
Organizations may be exposed to sensitive data leaks from the host, potentially leading to serious security breaches and loss of customer trust.
Recommendation
It is recommended to update NanoClaw to version 2.1.17 or later to mitigate this vulnerability and implement additional security measures to prevent unauthorized file access.
Original NVD description (English source)
NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment filenames using only isSafeAttachmentName before copying with fs.copyFileSync, which follows symlinks without containment checks, allowing malicious agents to disclose arbitrary host files.

