A vulnerability was found in Sipeed PicoClaw up to 0.2.9 and classified as problematic. Affected is the function NewContextBuilder of the file pkg/agent/context.go. Such manipulation leads to inclusion of functionality from untrusted control sphere.

This vulnerability is documented as CVE-2026-16085. The attack needs to be performed locally. Additionally, an exploit exists.

The reported GitHub issue was closed automatically with the label “not planned” by a bot.