CVE-2026-10281 | Enderfga claw-orchestrator up to 3.5.5 API Endpoint src/embedded-server.ts EmbeddedServer missing authentication (Issue 61)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability has been found in Enderfga claw-orchestrator up to 3.5.5 and classified as critical. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication.

This vulnerability appears as CVE-2026-10281. The attack may be initiated remotely. In addition, an exploit is available.

The affected component should be upgraded.

CVE-2026-10281 | Enderfga claw-orchestrator up to 3.5.5 API Endpoint src/embedded-server.ts EmbeddedServer missing authentication (Issue 61)

Post correlati

CVE-2023-7037 | automad up to 1.10.9 FileController.php import importUrl server-side request forgery

CVE-2025-7100 | BoyunCMS up to 1.4.20 Index.php image unrestricted upload

CVE-2024-0641 | Linux Kernel up to 6.6-rc4 net/tipc/crypto.c tipc_crypto_key_revoke deadlock

CVE-2024-2468 | EmbedPress Plugin up to 3.9.12 on WordPress Widget Attribute cross site scripting