Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'cve-2026-16198'

View all threats tagged with 'cve-2026-16198'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: cve-2026-16198

Threats Tagged 'cve-2026-16198'

Click on any threat for detailed analysis and mitigation recommendations

A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. (CVE-2026-16198)CVE-2026-16198
0

A vulnerability in Sipeed PicoClaw up to version 0.2.9 allows authentication bypass via manipulation of the argument allowed_cidrs in the First Run Setup component. The issue exists in the file web/backend/middleware/access_control.go. The attack can be initiated remotely but has high complexity and is difficult to exploit. A patch identified by commit 017601354be38cb027ff3ffb01aed79bd5d12610 is recommended to fix this issue.

Join the discussion
CVE-2026-16198: Authentication Bypass Using Alternate Channel in Sipeed PicoClawCVE-2026-16198
0

CVE-2026-16198 is an authentication bypass vulnerability in Sipeed PicoClaw versions 0.2.0 through 0.2.9. It involves manipulation of the argument allowed_cidrs in the First Run Setup component, specifically in the file web/backend/middleware/access_control.go. The vulnerability allows an attacker to bypass authentication via an alternate channel. Exploitation complexity is high and considered difficult. A patch identified by commit 017601354be38cb027ff3ffb01aed79bd5d12610 is recommended to fix the issue.

Join the discussion

Showing 1 to 2 of 2 results

Filters:Tag: cve-2026-16198
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses