CVE-2026-16204 in rt-clawinfo

Summary

by MITRE • 07/19/2026

A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function tool_run_script_execute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 07/19/2026

The vulnerability identified in zevorn rt-claw version 0.2.0 represents a critical code injection flaw within the Telegram-to-AI Tool Execution Flow component. This security weakness resides in the tool_run_script_execute function located within claw/services/tools/script.c file, where improper input validation and sanitization mechanisms fail to adequately protect against malicious payload injection attempts. The vulnerability's remote exploitability means that attackers can initiate malicious code execution without requiring physical access to the target system, significantly expanding the potential attack surface and threat vector.

The technical implementation of this flaw demonstrates a classic command injection vulnerability pattern where user-supplied input is directly incorporated into system execution contexts without proper sanitization or parameterization. This design flaw allows attackers to manipulate the script execution flow by injecting malicious commands that bypass normal security controls and execute with the privileges of the affected application. The vulnerability operates at the application layer and specifically targets the tool execution functionality, making it particularly dangerous within automated workflow environments where scripts are executed in response to user inputs from telegram communications.

The operational impact of this vulnerability extends beyond simple code execution, as it provides attackers with potentially full system compromise capabilities when combined with other attack vectors. The public availability of exploit code significantly increases the risk exposure for affected systems, as malicious actors can readily leverage this vulnerability without requiring advanced technical skills or extensive reconnaissance. This threat is particularly concerning in environments where automated tool execution flows process untrusted input from external sources such as telegram communications, creating an ideal scenario for remote exploitation and unauthorized system access.

Security professionals should consider this vulnerability in the context of common weakness enumerations such as CWE-78 and CWE-94, which specifically address command injection and code injection flaws respectively. The ATT&CK framework categorizes this type of vulnerability under T1059.001 for command and script injection techniques, highlighting how attackers can leverage such weaknesses to establish persistent access and escalate privileges within compromised environments. Organizations should immediately implement mitigations including input validation, parameterized execution contexts, and network segmentation to reduce exposure while awaiting official patches from the project maintainers.

The lack of response from the project maintainers following the initial issue report creates additional operational risk, as it suggests either insufficient awareness of the vulnerability's severity or delayed remediation processes. This delay in addressing the identified security flaw increases the window of opportunity for attackers to exploit the vulnerability, particularly given the public availability of exploit code and the clear demonstration of remote execution capabilities. System administrators should consider implementing network-based mitigations and monitoring solutions to detect potential exploitation attempts while maintaining pressure on the project team to provide timely security updates and patches to address this critical flaw.

Responsible

VulDB

Disclosure

07/19/2026

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00000

KEV

no

Activities

low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!