CVE-2026-10281

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made...

CVE-2026-10281 Enderfga claw-orchestrator API Endpoint embedded-server.ts EmbeddedServer missing authentication

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made...

Claw Orchestrator 访问控制错误漏洞

Claw Orchestrator is a multi-agent coding agent runtime platform developed by Guian Fang’s individual developers. Versions of Claw Orchestrator 3.5.5 and earlier contained an access control vulnerability. This vulnerability stemmed from incorrect operations in the function EmbeddedServer within t...

PT-2026-45502

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made...