PatchSiren

zevorn CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM zevorn CVE published 2026-07-18

CVE-2026-16127

A vulnerability was identified in zevorn rt-claw up to 0.2.0. This affects the function claw_net_get/claw_net_post of the file claw/tools/tool_net.c of the component http_request. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote. The exploit is publicly available and might be used. The project was informed of the problem early through an i [truncated]

MEDIUM zevorn CVE published 2026-07-18

CVE-2026-16126

A vulnerability was determined in zevorn rt-claw up to 0.2.0, affecting the function handle_rpc_request of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The vulnerability allows for incorrect authorization, which can b [truncated]

MEDIUM zevorn CVE published 2026-07-18

CVE-2026-16125

A vulnerability was found in zevorn rt-claw up to 0.2.0. The affected element is the function claw_net_get/claw_net_post of the file claw/services/tools/net.c of the component http_request. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. This server-side request forgery vulnerability in zevorn rt-claw up to 0.2.0 allows attackers to make un [truncated]