Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Adjacent-network vector aligns with CVSS 4.0 AV:A; no authentication or interaction required; low CIA impact scoped to the executor manager service only, no scope change.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
A vulnerability was determined in poco-ai poco-claw up to 0.5.4. This vulnerability affects the function create_task of the file executor_manager/app/api/v1/tasks.py of the component executor_manager API. Executing a manipulation can lead to missing authentication. The exploit has been publicly disclosed and may be utilized. Upgrading to version 0.5.7 is able to resolve this issue. This patch is called 67fcc88505c57f77d3fcf04eb5b89425b10cbf48. It is recommended to upgrade the affected component.
AnalysisAI
Missing authentication on the executor_manager control-plane API in poco-ai/poco-claw through version 0.5.4 allows adjacent-network attackers to invoke the create_task endpoint without any credentials, enabling unauthorized task submission to the AI agent execution engine. The CVSS 4.0 vector (AV:A) confirms exploitation requires adjacency to the internal network segment hosting the executor manager service - it is not directly internet-exploitable. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires adjacent-network access (CVSS 4.0 AV:A) - the attacker must be able to route HTTP traffic to the executor_manager service's API port from within the same network segment or subnet. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 5.3 with vector AV:A/AC:L/AT:N/PR:N/UI:N reflects a genuinely low-complexity but adjacency-constrained attack, with modest CIA impact (VC:L/VI:L/VA:L) and no impact on subsequent systems (SC:N/SI:N/SA:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with access to the internal network segment hosting the poco-claw deployment - for example, via a compromised container, VM, or lateral movement from another internal host - sends an unauthenticated HTTP POST to the executor_manager's `/api/v1/tasks` endpoint's `create_task` handler. With no token validation in place on unpatched versions, the request is accepted and processed, allowing the attacker to queue arbitrary task definitions to the AI execution engine. … |
| Remediation | Upgrade poco-claw to version 0.5.7, which contains fix commit 67fcc88505c57f77d3fcf04eb5b89425b10cbf48 (https://github.com/poco-ai/poco-claw/commit/67fcc88505c57f77d3fcf04eb5b89425b10cbf48) and is available at https://github.com/poco-ai/poco-claw/releases/tag/0.5.7. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Server-side request forgery in poco-ai/poco-claw up to version 0.5.4 allows remote unauthenticated attackers to coerce t
Unauthenticated authorization bypass in poco-ai/poco-claw's Workspace API allows remote attackers to access arbitrary us
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45171