Vendor
high
advisory
FoundDream miniclawd Command Injection Vulnerability (CVE-2026-9453)
2 rules 1 TTP 1 CVEA command injection vulnerability (CVE-2026-9453) exists in FoundDream miniclawd, where manipulation of the requires.bins argument in /src/application/skills-loader.ts allows remote command execution, and the exploit is publicly available.
miniclawd
command-injection
cve
2r
1t
1c
high
advisory
CVE-2026-9452 FoundDream miniclawd Remote Command Injection
2 rules 1 TTP 1 CVEA command injection vulnerability exists in FoundDream miniclawd within the ExecTool.execute function in /src/tools/exec.ts, which can be triggered remotely, allowing attackers to execute arbitrary OS commands.
miniclawd
command-injection
vulnerability
2r
1t
1c