Dragonmonk111 Junoclaw
5 CVEs affecting Dragonmonk111 Junoclaw. Latest disclosed: 2026-05-12. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-43992 | Critical | 9.8 | 2026-05-12 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract… |
CVE-2026-43989 | High | 8.5 | 2026-05-12 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and upl… |
CVE-2026-43991 | High | 8.4 | 2026-05-12 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be… |
CVE-2026-43990 | High | 8.4 | 2026-05-12 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c'… |
CVE-2026-43993 | High | 8.2 | 2026-05-12 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs… |