A vulnerability has been found in Enderfga claw-orchestrator up to 3.5.5 and classified as critical . This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint . This manipulation causes missing authentication. This vulnerability appears as CVE-2026-10281 . The attack may be initiated remotely. In addition, an exploit is available. The affected component should be upgraded.