CVE-2026-16126

medium

Description

A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handle_rpc_request of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

References

https://vuldb.com/vuln/379838/cti

https://vuldb.com/vuln/379838

https://vuldb.com/submit/856871

https://vuldb.com/submit/856870

https://vuldb.com/cve/CVE-2026-16126

https://github.com/zevorn/rt-claw/issues/137

https://github.com/zevorn/rt-claw/issues/135

https://github.com/zevorn/rt-claw/

Details

Source: Mitre, NVD

Published: 2026-07-18

Updated: 2026-07-18

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Severity: High

CVSS v4

Base Score: 6.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium