CVE-2026-15317 | Sipeed PicoClaw up to 0.2.9 Guarded Web Fetch Flow web.go WebFetchTool.Execute server-side request forgery (Issue 3078)
A vulnerability described as critical has been identified in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery.
This vulnerability is identified as CVE-2026-15317. The attack can be executed remotely. Additionally, an exploit exists.
The reported GitHub issue was closed automatically due to inactivity.VulDB Recent EntriesRead More