CVE-2026-16084 | Sipeed PicoClaw up to 0.2.9 web.go web_fetch server-side request forgery (Issue 3074)

SecurityVulns

A vulnerability has been found in Sipeed PicoClaw up to 0.2.9 and classified as critical. This impacts the function web_fetch of the file pkg/tools/integration/web.go. This manipulation causes server-side request forgery.

This vulnerability is registered as CVE-2026-16084. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More