CVE-2026-15319

EUVD-2026-42775
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/access_control.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 3126. A patch should be applied to remediate this issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
VulDBCNA
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
sipeedpicoclaw
0.2.0
CNA
sipeedpicoclaw
0.2.1
CNA
sipeedpicoclaw
0.2.2
CNA
sipeedpicoclaw
0.2.3
CNA
sipeedpicoclaw
0.2.4
CNA
sipeedpicoclaw
0.2.5
CNA
sipeedpicoclaw
0.2.6
CNA
sipeedpicoclaw
0.2.7
CNA
sipeedpicoclaw
0.2.8
CNA
sipeedpicoclaw
0.2.9
CNA