CVE-2026-15320
MEDIUM
NVD
CVSS Score
5.4
Severity
MEDIUM
Published
Jul 10, 2026
Vendor
unknown
Description
A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. This vulnerability affects the function rt.ReloadConfig of the file pkg/channels/pico/pico.go. Performing a manipulation of the argument message.send results in missing authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. The reported GitHub issue was closed automatically due to inactivity.