Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sat, 18 Jul 2026 08:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in Sipeed PicoClaw up to 0.2.9. The affected element is an unknown function of the file web/backend/api/auth.go. Executing a manipulation can lead to cross-site request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 4b0229351678f479429b8d8b19207757266f246b. Applying a patch is advised to resolve this issue. | |
| Title | Sipeed PicoClaw auth.go cross-site request forgery | |
| First Time appeared |
Sipeed
Sipeed picoclaw |
|
| Weaknesses | CWE-352 CWE-862 |
|
| CPEs | cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sipeed
Sipeed picoclaw |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-18T07:45:09.658Z
Reserved: 2026-07-17T13:49:54.669Z
Link: CVE-2026-16081
No data.
No data.
No data.
OpenCVE Enrichment
No data.