CVE-2026-16130 | nearai ironclaw up to 0.29.1 write_file path_utils.rs validate_path link following (Issue 4797)

SecurityVulns

A vulnerability classified as critical has been found in nearai ironclaw up to 0.29.1. The affected element is the function validate_path of the file src/tools/builtin/path_utils.rs of the component write_file. The manipulation leads to link following.

This vulnerability is uniquely identified as CVE-2026-16130. Local access is required to approach this attack. Moreover, an exploit is present.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More