CVE-2026-10281 | Enderfga claw-orchestrator up to 3.5.5 API Endpoint src/embedded-server.ts EmbeddedServer missing authentication (Issue 61)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability has been found in Enderfga claw-orchestrator up to 3.5.5 and classified as critical. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication.

This vulnerability appears as CVE-2026-10281. The attack may be initiated remotely. In addition, an exploit is available.

The affected component should be upgraded.

CVE-2026-10281 | Enderfga claw-orchestrator up to 3.5.5 API Endpoint src/embedded-server.ts EmbeddedServer missing authentication (Issue 61)

Post correlati

CVE-2022-43476 | Daniel Söderström & Sidney van de Stouwe Subscribe to Category Plugin up to 2.7.4 on WordPress authorization

CVE-2024-4888 | berriai litellm Request /audio/transcriptions denial of service

CVE-2023-48114 | SmarterTools SmarterMail prior 16.x Build 8747 SVG Document unrestricted upload

CVE-2024-41013 | Linux Kernel up to 6.10 xfs_dir2_data_unused out-of-bounds (0c7fcdb6d06c)