CVE-2026-16084 | Sipeed PicoClaw up to 0.2.9 web.go web_fetch server-side request forgery (Issue 3074)
A vulnerability has been found in Sipeed PicoClaw up to 0.2.9 and classified as critical. This impacts the function web_fetch of the file pkg/tools/integration/web.go. This manipulation causes server-side request forgery.
This vulnerability is registered as CVE-2026-16084. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More