mirror of
https://github.com/tiennm99/goclaw.git
synced 2026-07-12 17:04:21 +00:00
6dd53b9892
- CVE-2026-39363 (High): arbitrary file read via dev server WebSocket - CVE-2026-39364 (High): server.fs.deny bypass with query strings - CVE-2026-39365 (Medium): path traversal in optimized deps .map handling Dev-scope only. Updates both ui/web and ui/desktop/frontend lockfiles.