216.73.217.98

CVE-2026-15317

· Published 10/07/2026 02:16 · Author: The MITRE Corporation

Labels: CVE-2026-15317

Essential information

Published
10/07/2026 02:16
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
7.5 (v2) 6.3 MEDIUM (v3.1) 2.1 LOW (v4.0)
CISA KEV
No
CWE
CWE-918
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS metrics

Description

A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity.

NVD status

NVD
View on NVD