Improper-Authorization

nextlevelbuilder GoClaw and GoClaw Lite versions up to 3.8.5 are vulnerable to improper authorization in the RPC Handler component, potentially allowing remote attackers to bypass security controls.

CVE-2026-6105 is a critical vulnerability in perfree go-fastdfs-web versions up to 1.3.7, allowing for remote improper authorization due to a flaw in the doInstall Interface, potentially leading to unauthorized system access and control.