Ghostwire

CVE-2026-16081: A vulnerability was determined in Sipeed PicoClaw up to 0.2.9. The affected element is an unknown function of the file...

MEDIUM CVSS 4.3 Exploit Available

Published: July 18, 2026 | Last Modified: July 18, 2026

Description

A vulnerability was determined in Sipeed PicoClaw up to 0.2.9. The affected element is an unknown function of the file web/backend/api/auth.go. Executing a manipulation can lead to cross-site request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 4b0229351678f479429b8d8b19207757266f246b. Applying a patch is advised to resolve this issue.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References