CVE-2026-6987
Published: 25 April 2026
Summary
CVE-2026-6987 is a medium-severity Injection (CWE-74) vulnerability in Sipeed Picoclaw. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 13.7% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
A vulnerability has been identified in PicoClaw versions up to 0.2.4 within the Web Launcher Management Plane component. Specifically, an unauthenticated remote manipulation of the /api/gateway/restart endpoint can trigger command injection, as classified under CWE-74 and CWE-77. The issue was reported through a project issue tracker prior to public disclosure on 2026-04-25, but the maintainers have not issued a response.
Remote attackers can exploit the flaw without requiring credentials or user interaction to execute arbitrary commands on the affected system. Successful exploitation yields limited effects on confidentiality, integrity, and availability according to the CVSS 5.5 rating, with the attack vector rated as network-accessible and low complexity.
References including the GitHub issue report and Vuldb entries contain no details on patches, workarounds, or official mitigation guidance. The EPSS probability rose from a low baseline to a peak of 0.0214 on 2026-05-01 before receding, indicating a temporary increase in exploitation interest following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25663
Vulnerability details
A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely.…
The project was informed of the problem early through an issue report but has not responded yet.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a remote unauthenticated command injection in a public-facing web API endpoint, directly enabling T1190 (Exploit Public-Facing Application) for initial access and facilitating T1059.004 (Unix Shell) for arbitrary command execution on the host.
Mitigating Controls (NIST 800-53 r5)
SI-10 directly prevents command injection vulnerabilities like CVE-2026-6987 by requiring validation and neutralization of special elements in inputs to the /api/gateway/restart endpoint.
SI-2 mandates timely identification, reporting, and correction of flaws, addressing the unpatched command injection in PicoClaw up to 0.2.4.
SC-7 provides boundary protection via mechanisms like web application firewalls to block or detect remote command injection attempts on the unauthenticated network-accessible endpoint.