Ctrl + K
/ news / CVE
CVEPublished 2026-06-01Modified 2026-06-020 articles on news5 live referencesNVD data

CVE-2026-10281

Vulnerability data via NVD (ingested)

CVSS v3.1
7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS percentile
Weaknesses (CWE)
CWE-287Improper AuthenticationCWE-306Missing Authentication for Critical Function
Description

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 3.5.6 mitigates this issue. Patch name: d0b02a800aa0689d9428cc4cc170e0b6589fb2c3. The affected component should be upgraded.

Timeline
Published 2026-06-01
Modified 2026-06-02

External references

NVDMITREExploit-DBSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-10281
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2026-10281
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-10281
Censys host search filtered to this CVE id.
grep.app
CVE-2026-10281
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-10281
GitHub code search for direct mentions.
Google dork
"CVE-2026-10281" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (5)

CVE-2026-102815 repos
cnlinxi/LLM-paper-dailyPython
Automatically Update LLM Papers Daily using Github Actions. Ref: https://github.com/Vincentqyw/cv-arxiv-daily
★ 10·updated today
iotsrg/awesome-ros-securityunknown
Awesome curated list of ROS / ROS 2 & robotics security - pentest tools, checklists, CVEs, SROS2, DDS, research. Maintained by IOTSRG.
★ 6·updated 2w ago
YuzeHao2023/daily-arxiv-ai4geoPython
🎓Automatically Update AI4Geo Papers Daily using Github Actions
★ 3·updated today
maheshndev/awesome-reposHTML
Awesome Repositories - Explore top-rated GitHub repositories curated for developers—tools, libraries, and projects to boost productivity and learning in one place. Discover the bes…
★ 2·updated 1d ago
imfht/cve-cnPython
AIGCVE 神龙精选 CVE 中文情报榜(每周自动更新,原站 cve.imfht.com)
★ 1·updated 1d ago
We haven't classified any articles referencing CVE-2026-10281 yet. The external references above still apply.