Cyber Resilience

CVE-2026-32232

Severity: High · Public PoC

Published: 12 March 2026
Modified: 19 March 2026
KEV Added: not listed (not in the CISA KEV catalog)
Patch: available (fixed in 0.7.6)
CVSS Score: v4.0 8.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0062 (44.9th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-32232 is a high-severity path traversal (CWE-22) vulnerability in Aisarlabs ZeptoClaw, a personal AI assistant. Its CVSS v4.0 base score is 8.8 (High); the CVSS v3.1 vector quoted in the deeper analysis scores it 9.8 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks the CVE at the 44.9th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is classified as AI-related (AI category: Enterprise AI Assistants; risk domain: Supply Chain and Deployment).

The strongest mitigations our analysis identified are NIST SP 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation); the only remediation the advisory itself offers is the upgrade to 0.7.6.

Deeper analysis

CVE-2026-32232 affects ZeptoClaw, a personal AI assistant, in versions prior to 0.7.6. The advisory describes three related weaknesses in the project's path handling: a dangling symlink component bypass, a TOCTOU window between validation and use, and a hard link alias bypass. They are mapped to CWE-22 (Path Traversal) and CWE-62 (UNIX Hard Link). The CVSS v3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), i.e. critical, with high impact on confidentiality, integrity and availability.

Remote attackers need no privileges or user interaction and can exploit the flaw over the network with low complexity. Both vectors score confidentiality and integrity impact as high: a successful attacker can read or write files that the ZeptoClaw process can reach, which amounts to full compromise of the affected instance and potentially allows arbitrary code execution, data exfiltration, modification, or denial of service. Note that the two scores disagree on availability: the v3.1 vector has A:H while the v4.0 vector above has VA:N, and the page does not reconcile them, so treat the denial-of-service consequence as the least certain of the four.

The vulnerability is fixed in ZeptoClaw 0.7.6. The GitHub security advisory at https://github.com/qhkm/zeptoclaw/security/advisories/GHSA-2m67-cxxq-c3h8 and the fixing commit at https://github.com/qhkm/zeptoclaw/commit/f50c17e11ae3e2d40c96730abac41974ef2ee2a8 are the authoritative sources. Upgrade to 0.7.6 or later without delay, and read the commit: the code paths it touches show which file operations were exposed and are the ones to watch in your own deployment.
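The three bypasses named above all defeat the same defensive shape: check a path string, then open the path. The Python below is an added example written for this page, not ZeptoClaw's code (the page does not show the project's source or name its implementation language). It stages each bypass in a temporary directory against a constructed validator that canonicalises a path only when its target already exists and otherwise falls back to a lexical check, and contrasts it with a write that walks the path through directory descriptors with O_NOFOLLOW and judges the inode it actually opened (regular file, link count 1). The validator's fallback behaviour, the file names and the workspace layout are assumptions made for the demonstration, not details taken from the advisory.

```python
"""Path containment: validate-then-open versus an fd-walking open. Constructed
example, not ZeptoClaw code; POSIX only (dir_fd, O_NOFOLLOW). File names, the
workspace layout and the validator's fallback behaviour are assumptions."""
import errno, os, shutil, stat, tempfile

def _lexical_or_real(path):
    # Canonicalise only when the target exists; a dangling symlink is judged by
    # its text, not its target. This is the weak pattern (an assumed validator).
    return os.path.realpath(path) if os.path.exists(path) else os.path.normpath(path)

def vulnerable_write(workspace, rel, data, race_hook=None):
    """Check the path string, then open the path: two steps and one window."""
    full = os.path.join(workspace, rel)
    if not _lexical_or_real(full).startswith(workspace + "/"):
        raise PermissionError(rel)
    if race_hook:               # attacker acts here; open() re-resolves the path
        race_hook()
    with open(full, "w") as f:  # follows symlinks; a hard link looks like a file
        f.write(data)

def _open_nofollow(name, flags, dfd):
    try:
        return os.open(name, flags | os.O_NOFOLLOW, 0o600, dir_fd=dfd)
    except OSError as e:
        if e.errno in (errno.ELOOP, errno.ENOTDIR):
            raise PermissionError(f"{name}: symlink or non-directory component") from None
        raise

def hardened_write(workspace, rel, data, race_hook=None):
    """Open each component via a directory fd with O_NOFOLLOW, then judge the inode."""
    parts = rel.split("/")
    if rel.startswith("/") or any(p in ("", ".", "..") for p in parts):
        raise PermissionError(f"{rel}: absolute or dot component")
    dfd = os.open(workspace, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for p in parts[:-1]:
            nfd = _open_nofollow(p, os.O_RDONLY | os.O_DIRECTORY, dfd)
            os.close(dfd)
            dfd = nfd
        if race_hook:           # same point as above; the swap now buys nothing
            race_hook()
        fd = _open_nofollow(parts[-1], os.O_WRONLY | os.O_CREAT, dfd)  # no O_TRUNC
        try:
            st = os.fstat(fd)   # judge the inode we hold, not a path string
            if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:
                raise PermissionError(f"{rel}: not a plain, unaliased file")
            os.ftruncate(fd, 0)
            os.write(fd, data.encode())
        finally:
            os.close(fd)
    finally:
        os.close(dfd)

def _read(path):
    return open(path).read() if os.path.exists(path) else None

def _write(path, text):
    with open(path, "w") as f:
        f.write(text)

def _attempt(fn, ws, rel, probe, **kw):
    """Return (outcome, whether the file at `probe`, outside ws, was changed)."""
    before = _read(probe)
    try:
        fn(ws, rel, "pwned", **kw)
        outcome = "written"
    except PermissionError:
        outcome = "refused"
    return outcome, _read(probe) != before

def run_demo():
    root = os.path.realpath(tempfile.mkdtemp())  # /var -> /private/var on macOS
    ws, out = os.path.join(root, "workspace"), os.path.join(root, "outside")
    for d in (ws, out, os.path.join(ws, "sub")):
        os.mkdir(d)
    # 1. Dangling symlink component: the target does not exist until we write.
    target = os.path.join(out, "created_by_write")
    os.symlink(target, os.path.join(ws, "notes.txt"))
    dangling = {"vulnerable": _attempt(vulnerable_write, ws, "notes.txt", target),
                "hardened": _attempt(hardened_write, ws, "notes.txt", target)}
    # 2. TOCTOU: a regular file passes validation, then becomes a symlink.
    victim, cfg = os.path.join(out, "victim.txt"), os.path.join(ws, "config.txt")
    _write(victim, "original")
    _write(cfg, "harmless")
    def swap():                 # the attacker's move inside the window
        os.remove(cfg)
        os.symlink(victim, cfg)
    toctou = {"vulnerable": _attempt(vulnerable_write, ws, "config.txt", victim, race_hook=swap),
              "hardened": _attempt(hardened_write, ws, "config.txt", victim, race_hook=swap)}
    # 3. Hard link alias: a workspace name for an inode that lives outside.
    secret = os.path.join(out, "secret.txt")
    _write(secret, "secret")
    os.link(secret, os.path.join(ws, "report.txt"))
    hardlink = {"vulnerable": _attempt(vulnerable_write, ws, "report.txt", secret),
                "hardened": _attempt(hardened_write, ws, "report.txt", secret)}
    hardened_write(ws, "sub/ok.txt", "fine")  # a legitimate nested write still works
    legit = _read(os.path.join(ws, "sub", "ok.txt"))
    shutil.rmtree(root, ignore_errors=True)
    return {"dangling_symlink": dangling, "toctou": toctou, "hardlink": hardlink, "legit": legit}
```

run_demo() returns, for each case, the outcome of the vulnerable and the hardened write and whether a file outside the workspace changed: the validator lets all three attacks escape, while the descriptor walk refuses all three and still completes the legitimate nested write. Two points carry over to any fix of this class. O_NOFOLLOW does nothing against a hard link, because the link is the inode itself rather than a redirection, hence the st_nlink check (which also rejects legitimately hard-linked files, a trade-off to decide per deployment). And the race between validation and use is the CWE-367 pattern, which the page's CWE mapping does not list alongside CWE-22 and CWE-62.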

Vulnerability details

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6.

CWE(s)

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-62 UNIX Hard Link

AI Security Analysis (AI)

AI Category: Enterprise AI Assistants
Risk Domain: Supply Chain and Deployment
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keywords: "ai"

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability lets a remote, unauthenticated attacker fully compromise the ZeptoClaw service through path traversal and symlink/hard link bypasses in a public-facing application, which maps directly to exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-2505 (shared CWE-22)
CVE-2026-5841 (shared CWE-22)
CVE-2026-33242 (shared CWE-22)
CVE-2026-33292 (shared CWE-22)
CVE-2026-35605 (shared CWE-22)
CVE-2025-53632 (shared CWE-22)
CVE-2025-8110 (shared CWE-22)
CVE-2026-8757 (shared CWE-22)
CVE-2025-7712 (shared CWE-22)
CVE-2026-31817 (shared CWE-22)

Affected Assets

aisarlabs / zeptoclaw, versions ≤ 0.7.5 (fixed in 0.7.6)

Mitigating Controls (NIST SP 800-53 r5) (AI)

SI-2 Flaw Remediation (prevent)
Directly mitigates the vulnerability by requiring timely flaw remediation, here upgrading ZeptoClaw to 0.7.6, where the dangling symlink, TOCTOU and hard link bypasses are fixed.

SI-10 Information Input Validation (prevent)
Prevents path traversal (CWE-22) and symlink/hard link (CWE-62) exploits by validating inputs such as the file paths used in ZeptoClaw's component handling. Validating the path string alone does not close the TOCTOU window, so the check has to be bound to the file that is actually opened.

Access enforcement (control identifier not given on this page; prevent)
Enforces access control policies that mediate file and resource access, so that a symlink/hard link bypass or a TOCTOU race in ZeptoClaw reaches fewer files.
