CVE-2026-32232
Published: 12 March 2026
Summary
CVE-2026-32232 is a Path Traversal (CWE-22) vulnerability in Aisarlabs ZeptoClaw (qhkm/zeptoclaw). This page carries two scores for it: the summary lists a CVSS base score of 8.8 (High), while the deeper analysis below reports a CVSS v3.1 base of 9.8 (Critical) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Treat the GitHub security advisory linked below as the authoritative source for the score.
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 44.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog, but a public proof-of-concept is referenced, which for an internet-reachable instance matters more than the percentile.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-32232 affects ZeptoClaw, a personal AI assistant, in versions prior to 0.7.6. The advisory describes three related path-containment bypasses, mapped to CWE-22 (Path Traversal) and CWE-62 (UNIX Hard Link); the names denote well-known bug classes. A Dangling Symlink Component Bypass: a symlink whose target does not yet exist slips past a check that only canonicalises paths that exist, and the first write through it creates the file outside the allowed directory. A TOCTOU Between Validation and Use: the path is validated and then opened as two separate steps, so it can be swapped for a link in between (the race class itself is CWE-367, which is not among this page's mappings). A Hardlink Alias Bypass: a hardlink has a name inside the allowed directory but shares its inode with a file outside it, and realpath-style canonicalisation does not resolve hardlinks. The deeper analysis scores it at a CVSS v3.1 base of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), critical severity with high impact on confidentiality, integrity, and availability; note that the summary above lists 8.8 (High).
The vector describes a remote, unauthenticated attacker needing no user interaction and facing low attack complexity. Per that scoring, successful exploitation fully compromises the affected ZeptoClaw instance: a file read or write outside the intended directory is the primitive, and arbitrary code execution, data exfiltration, modification, or denial of service follow depending on what the assistant's process can reach.
The vulnerability is fixed in ZeptoClaw version 0.7.6. Official mitigation details are available in the GitHub security advisory at https://github.com/qhkm/zeptoclaw/security/advisories/GHSA-2m67-cxxq-c3h8 and the fixing commit at https://github.com/qhkm/zeptoclaw/commit/f50c17e11ae3e2d40c96730abac41974ef2ee2a8; practitioners should upgrade immediately and review the changes for deployment guidance.
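To make the three bug classes concrete, the following Python is an added example written for this page; it is not ZeptoClaw's code and does not reproduce the advisory or the fixing commit. It assumes a POSIX filesystem on which the attacker can create symlinks and hardlinks inside the assistant's workspace (the usual situation when an assistant writes files on the user's behalf); the function and file names are invented. `naive_is_safe` is the typical flawed validator, `open_in_sandbox_for_write` refuses all three bypasses, and `demo` replays each one against both on a throwaway directory tree:

```python
"""Dangling-symlink, TOCTOU and hardlink bypasses of a jailed file write, with a
check that closes them. Added example for this write-up, not ZeptoClaw's code;
it makes no claim about the project's own validation. Names are invented."""
import os
import stat
import tempfile
from pathlib import Path


def naive_is_safe(sandbox: Path, user_path: str) -> bool:
    """Flawed pattern: realpath if the target exists, else the lexical path, then
    a string-prefix test. It never sees a dangling link's target or a hardlink."""
    candidate = sandbox / user_path
    try:
        canonical = candidate.resolve(strict=True)
    except OSError:                         # dangling target: lexical fallback
        canonical = Path(os.path.normpath(candidate))
    return str(canonical).startswith(str(sandbox) + os.sep)


def open_in_sandbox_for_write(sandbox: Path, user_path: str, _race_hook=None) -> int:
    """Return an fd for a regular, singly-linked file strictly under sandbox.
    _race_hook is a test seam: the demo uses it to swap the file mid-check."""
    root = sandbox.resolve(strict=True)
    rel = Path(user_path)
    parent = (root / rel).parent.resolve(strict=True)  # whole directory chain
    if parent != root and root not in parent.parents:
        raise PermissionError(f"directory chain escapes sandbox: {parent}")
    final = parent / rel.name
    # Final component: lstat, not realpath, so a symlink is refused even if dangling.
    try:
        pre = os.lstat(final)
        if not stat.S_ISREG(pre.st_mode):
            raise PermissionError(f"not a regular file: {final}")
    except FileNotFoundError:
        pre = None                          # will be created by the open below
    if _race_hook:
        _race_hook()
    # O_NOFOLLOW: the kernel refuses a symlink at open time (ELOOP), so a swap
    # after the lstat cannot redirect the write.
    try:
        fd = os.open(final, os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW | os.O_CLOEXEC, 0o600)
    except OSError as exc:
        raise PermissionError(f"open refused: {exc.strerror}") from exc
    post = os.fstat(fd)                     # judge the object held, not its name
    swapped = pre is not None and (post.st_dev, post.st_ino) != (pre.st_dev, pre.st_ino)
    if not stat.S_ISREG(post.st_mode) or post.st_nlink != 1 or swapped:
        os.close(fd)                        # st_nlink != 1 is the hardlink-alias test
        raise PermissionError("opened object is not a plain, singly-linked file")
    return fd


def _blocked(sandbox: Path, user_path: str, hook=None) -> bool:
    try:
        os.close(open_in_sandbox_for_write(sandbox, user_path, hook))
    except PermissionError:
        return True
    return False


def demo() -> dict:
    """Play each bypass against both checks; every value should be True."""
    r = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp).resolve()
        sandbox, outside = base / "workspace", base / "outside"
        for d in (sandbox, outside):
            d.mkdir()
        # 1. Dangling symlink in the jail; its first write creates a file outside.
        (sandbox / "report.txt").symlink_to(outside / "planted.txt")
        r["dangling_naive_allows"] = naive_is_safe(sandbox, "report.txt")
        (sandbox / "report.txt").write_text("x")           # follows the link
        r["dangling_naive_escaped"] = (outside / "planted.txt").exists()
        r["dangling_hardened_blocks"] = _blocked(sandbox, "report.txt")
        # 2. Hardlink alias: a name inside the jail for an inode outside it.
        secret = outside / "secret.txt"
        secret.write_text("original")
        os.link(secret, sandbox / "alias.txt")
        r["hardlink_naive_allows"] = naive_is_safe(sandbox, "alias.txt")
        r["hardlink_hardened_blocks"] = _blocked(sandbox, "alias.txt")
        # 3. TOCTOU: a regular file passes the check, then becomes a symlink.
        notes = sandbox / "notes.txt"
        def swap():                                        # attacker wins the race
            notes.unlink()
            notes.symlink_to(secret)
        notes.write_text("mine")
        r["toctou_naive_allows"] = naive_is_safe(sandbox, "notes.txt")
        swap()
        with notes.open("a") as fh:                        # naive use follows it
            fh.write("!")
        r["toctou_naive_escaped"] = secret.read_text() == "original!"
        notes.unlink()
        notes.write_text("mine")
        r["toctou_hardened_blocks"] = _blocked(sandbox, "notes.txt", swap)
        os.close(open_in_sandbox_for_write(sandbox, "ok.txt"))  # honest write
        r["benign_hardened_allows"] = (sandbox / "ok.txt").is_file()
    return r
```

Two caveats on the hardened check. `st_nlink != 1` also rejects files that are legitimately hardlinked, so a deployment that needs those has to substitute an explicit ownership or allow-list test. And the directory chain is still validated by a separate `resolve()` before the `open()`, so a parent directory swapped for a symlink in that window is not caught here; on Linux 5.6 and later, openat2(2) with RESOLVE_BENEATH (or RESOLVE_IN_ROOT) moves that containment into the kernel, but Python's os module has no wrapper for it, so it needs ctypes or a native helper.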
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-11669
Vulnerability details
ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6.
- CWE(s): CWE-22 (Path Traversal), CWE-62 (UNIX Hard Link)
AI Security Analysis
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability allows remote unauthenticated attackers to fully compromise the ZeptoClaw service via path traversal and symlink/hardlink bypasses in a public-facing application, directly mapping to exploitation of public-facing applications.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
SI-2 (Flaw Remediation): Directly mitigates the vulnerability by requiring timely flaw remediation, which here means upgrading ZeptoClaw to version 0.7.6, where the dangling symlink, TOCTOU, and hardlink bypasses are fixed.
SI-10 (Information Input Validation): Prevents path traversal (CWE-22) and symlink/hardlink (CWE-62) exploits by validating information inputs such as the file paths used in ZeptoClaw's component handling. For this bug class, validation has to judge the object actually opened (lstat of the final component, O_NOFOLLOW, fstat link count and inode after the open), not only the path string, or the check can be raced or aliased around.
Access enforcement: Enforces access control policies that mediate file and resource access, which limits what an escaped write can reach (for example, running the assistant under a dedicated account with a constrained filesystem view) but does not by itself close the symlink/hardlink bypasses or TOCTOU races in ZeptoClaw.