Skip to main content

Picobot

3 CVEs product

Monthly

CVE-2026-15669 LOW POC Monitor

OS command injection in louisho5 picobot up to version 0.2.0 allows local low-privileged attackers to execute arbitrary operating system commands through the ExecTool.Execute function in internal/agent/tools/exec.go. A publicly available proof-of-concept exploit exists (GitHub issue #43), elevating practical risk despite the moderate CVSS 4.0 score of 4.8. No patch has been issued as the project maintainer has not responded to responsible disclosure, leaving all known deployments persistently exposed.

Command Injection Picobot
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.6%
CVE-2026-15668 LOW POC Monitor

Server-side request forgery in louisho5 picobot up to version 0.2.0 allows authenticated remote attackers to manipulate the url argument of the WebTool.Execute function in internal/agent/tools/web.go, causing the server to issue arbitrary HTTP requests to internal or external targets. The vulnerability carries a CVSS 4.0 score of 5.3 with low-privilege authentication required and has publicly available exploit code disclosed via a GitHub issue report. The upstream project has not responded to the responsible disclosure, meaning no patch is available at time of analysis.

SSRF Picobot
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-15629 LOW POC Monitor

Link-following vulnerability in louisho5 picobot up to version 0.2.0 allows a remote, low-privileged attacker to traverse outside the intended workspace directory via the CreateSkill and GetSkill functions in the filesystem handler. The root cause is improper symlink resolution (CWE-59) in internal/agent/tools/filesystem.go, enabling potential unauthorized file read and write operations on the host filesystem. A public exploit exists as a GitHub issue report; no vendor patch has been released and the project maintainer has not yet responded to the disclosure.

Information Disclosure Picobot
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
EPSS 1% CVSS 1.9
LOW POC Monitor

OS command injection in louisho5 picobot up to version 0.2.0 allows local low-privileged attackers to execute arbitrary operating system commands through the ExecTool.Execute function in internal/agent/tools/exec.go. A publicly available proof-of-concept exploit exists (GitHub issue #43), elevating practical risk despite the moderate CVSS 4.0 score of 4.8. No patch has been issued as the project maintainer has not responded to responsible disclosure, leaving all known deployments persistently exposed.

Command Injection Picobot
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in louisho5 picobot up to version 0.2.0 allows authenticated remote attackers to manipulate the url argument of the WebTool.Execute function in internal/agent/tools/web.go, causing the server to issue arbitrary HTTP requests to internal or external targets. The vulnerability carries a CVSS 4.0 score of 5.3 with low-privilege authentication required and has publicly available exploit code disclosed via a GitHub issue report. The upstream project has not responded to the responsible disclosure, meaning no patch is available at time of analysis.

SSRF Picobot
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Link-following vulnerability in louisho5 picobot up to version 0.2.0 allows a remote, low-privileged attacker to traverse outside the intended workspace directory via the CreateSkill and GetSkill functions in the filesystem handler. The root cause is improper symlink resolution (CWE-59) in internal/agent/tools/filesystem.go, enabling potential unauthorized file read and write operations on the host filesystem. A public exploit exists as a GitHub issue report; no vendor patch has been released and the project maintainer has not yet responded to the disclosure.

Information Disclosure Picobot
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy