A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity.
Metrics
Affected Vendors & Products
References
History
Fri, 10 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity. | |
| Title | Sipeed PicoClaw Guarded Web Fetch Flow web.go WebFetchTool.Execute server-side request forgery | |
| First Time appeared |
Sipeed
Sipeed picoclaw |
|
| Weaknesses | CWE-918 | |
| CPEs | cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sipeed
Sipeed picoclaw |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-10T00:00:13.247Z
Reserved: 2026-07-09T18:07:32.588Z
Link: CVE-2026-15317
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-10T03:15:03Z