CVE-2026-56693

NanoClaw < 2.1.17 - Privilege Escalation via Unauthorized create_agent System Action

CVSS 6.8 MEDIUMCWE-602

In short

NanoClaw versions before 2.1.17 allow confined container agents to create new agents and configurations without proper permission checks, letting them escape their intended restrictions and gain unauthorized control.

Technical detail

The create_agent delivery-action handler in NanoClaw < 2.1.17 performs privileged database operations without host-side authorization validation (CWE-602). Confined agent containers can exploit this to create arbitrary agent groups and destinations, escalating privileges beyond their sandbox boundary.

Summary generated and translated by AI from the official description.

NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke create_agent to create arbitrary agent groups, container configurations, and destinations, escalating beyond their intended confinement boundary.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected products

nanocoai · nanoclaw

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/nanocoai/nanoclaw/commit/ac37ecbfd6b9d14fdfa1598a6412a8ffdbeaef45 https://github.com/nanocoai/nanoclaw/pull/2720 https://www.vulncheck.com/advisories/nanoclaw-privilege-escalation-via-unauthorized-create-agent-system-action