PatchSiren cyber security CVE debrief
CVE-2026-15619 mosaxiv CVE debrief
A weakness has been identified in mosaxiv clawlet up to 0.2.10, specifically in the function web_fetch of the file tools/tool_web_fetch.go of the component IPv4 Handler. This manipulation of the argument url causes server-side request forgery. The attack can be initiated remotely. This vulnerability has a CVSS score of 2.1 and is considered Low severity. Users of mosaxiv clawlet up to 0.2.10 should be aware of this vulnerability and take necessary precautions to prevent exploitation.
- Vendor
- mosaxiv
- Product
- clawlet
- CVSS
- LOW 2.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-14
Who should care
Users of mosaxiv clawlet up to 0.2.10, particularly those responsible for vulnerability management, security teams, and operators of affected systems, should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes reviewing vendor guidance, implementing compensating controls, and monitoring for suspicious activity.
Technical summary
The vulnerability is caused by improper handling of URLs in the web_fetch function of the tools/tool_web_fetch.go file in the IPv4 Handler component. This allows for server-side request forgery attacks, which can be initiated remotely. The vulnerability has a CVSS score of 2.1 and is considered Low severity. Affected users should review vendor guidance and implement compensating controls to detect and prevent exploitation.
Defensive priority
Low
Recommended defensive actions
- Inventory and verify affected mosaxiv clawlet installations
- Apply vendor remediation if available
- Implement compensating controls to detect and prevent exploitation
- Monitor for suspicious activity
- Exception tracking and retest
- Review relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The reported GitHub issue was closed with the label 'not planned'. The exploit has been made available to the public and could be used for attacks. Users should verify affected mosaxiv clawlet installations and review compensating controls. Evidence is limited to public sources and may not reflect the full scope or impact of this vulnerability.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T00:16:18.823Z and has not been modified since then.