A vulnerability has been found in Sipeed PicoClaw up to 0.2.9 and classified as critical. This impacts the function
web_fetch of the file pkg/tools/integration/web.go. This manipulation causes server-side request forgery.
This vulnerability is registered as CVE-2026-16084. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
To fix this issue, it is recommended to deploy a patch.