{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/picoclaw--0.2.9/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-15319"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PicoClaw \u003c= 0.2.9"],"_cs_severities":["high"],"_cs_tags":["vulnerability","access-control","web-application"],"_cs_type":"advisory","_cs_vendors":["Sipeed"],"content_html":"\u003cp\u003eA security vulnerability, CVE-2026-15319, has been identified in Sipeed PicoClaw versions up to and including 0.2.9. This flaw resides within the \u003ccode\u003eIPAllowlist\u003c/code\u003e function of the \u003ccode\u003eLauncher\u003c/code\u003e component, specifically located in the \u003ccode\u003eweb/backend/middleware/access_control.go\u003c/code\u003e file. The vulnerability permits remote manipulation leading to improper access controls, allowing an unauthorized attacker to bypass intended restrictions. The exploit for this issue has been publicly disclosed, increasing the risk of widespread exploitation against unpatched systems. Defenders should prioritize patching due to the remote exploitability and public availability of the exploit.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003cp\u003e(Attack chain details are not available in the source, which describes a vulnerability rather than an observed exploitation sequence.)\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-15319 could allow a remote, unauthenticated attacker to bypass IP-based access controls within the Sipeed PicoClaw Launcher component. This leads to unauthorized access to functionalities or resources that should be restricted, potentially enabling further compromise of the system or data. While specific victim numbers or targeted sectors are not detailed in the public disclosure, any organization utilizing vulnerable versions of Sipeed PicoClaw is at risk of unauthorized system access.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply patch 3126, referenced in this brief, to all Sipeed PicoClaw installations running versions up to 0.2.9 immediately to remediate CVE-2026-15319.\u003c/li\u003e\n\u003cli\u003eMonitor your Sipeed PicoClaw web interface access logs for any unauthorized access attempts, which could indicate exploitation of the improper access controls detailed in CVE-2026-15319.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-10T03:17:34Z","date_published":"2026-07-10T03:17:34Z","id":"https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-cve-2026-15319/","summary":"A remote improper access control vulnerability (CVE-2026-15319) exists in the IPAllowlist function of the Launcher component in Sipeed PicoClaw versions up to and including 0.2.9, allowing unauthorized remote access due to publicly disclosed exploit.","title":"CVE-2026-15319: Remote Improper Access Control in Sipeed PicoClaw","url":"https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-cve-2026-15319/"}],"language":"en","title":"CraftedSignal Threat Feed - PicoClaw \u003c= 0.2.9","version":"https://jsonfeed.org/version/1.1"}