A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function toolrunscriptexecute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The project was in
AI Attack
Vulners
Apply vendor security patch