PT-2026-57046 · Sipeed · Picoclaw

Eric-D

·

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-15319

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/access control.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 3126. A patch should be applied to remediate this issue.

Exploit

Fix

Improper Access Control

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15319

Affected Products

Picoclaw