<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>PicoClaw &lt;= 0.2.9 - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/picoclaw--0.2.9/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 10 Jul 2026 03:17:34 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/picoclaw--0.2.9/feed.xml" rel="self" type="application/rss+xml"/><item><title>CVE-2026-15319: Remote Improper Access Control in Sipeed PicoClaw</title><link>https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-cve-2026-15319/</link><pubDate>Fri, 10 Jul 2026 03:17:34 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-sipeed-picoclaw-cve-2026-15319/</guid><description>A remote improper access control vulnerability (CVE-2026-15319) exists in the IPAllowlist function of the Launcher component in Sipeed PicoClaw versions up to and including 0.2.9, allowing unauthorized remote access due to publicly disclosed exploit.</description><content:encoded><![CDATA[<p>A security vulnerability, CVE-2026-15319, has been identified in Sipeed PicoClaw versions up to and including 0.2.9. This flaw resides within the <code>IPAllowlist</code> function of the <code>Launcher</code> component, specifically located in the <code>web/backend/middleware/access_control.go</code> file. The vulnerability permits remote manipulation leading to improper access controls, allowing an unauthorized attacker to bypass intended restrictions. The exploit for this issue has been publicly disclosed, increasing the risk of widespread exploitation against unpatched systems. Defenders should prioritize patching due to the remote exploitability and public availability of the exploit.</p>
<h2 id="attack-chain">Attack Chain</h2>
<p>(Attack chain details are not available in the source, which describes a vulnerability rather than an observed exploitation sequence.)</p>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-15319 could allow a remote, unauthenticated attacker to bypass IP-based access controls within the Sipeed PicoClaw Launcher component. This leads to unauthorized access to functionalities or resources that should be restricted, potentially enabling further compromise of the system or data. While specific victim numbers or targeted sectors are not detailed in the public disclosure, any organization utilizing vulnerable versions of Sipeed PicoClaw is at risk of unauthorized system access.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Apply patch 3126, referenced in this brief, to all Sipeed PicoClaw installations running versions up to 0.2.9 immediately to remediate CVE-2026-15319.</li>
<li>Monitor your Sipeed PicoClaw web interface access logs for any unauthorized access attempts, which could indicate exploitation of the improper access controls detailed in CVE-2026-15319.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>vulnerability</category><category>access-control</category><category>web-application</category></item></channel></rss>