CVE-2026-31975

Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into a bash command string without any sanitization, enabling arbitrary OS command execution. A secondary injection vector exists via unsanitized sessionId. This vulnerability is fixed in 1.25.0.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/siteboon/claudecodeui/commit/12e7f074d9563b3264caf9cec6e1b701c301af26	Patch
https://github.com/siteboon/claudecodeui/releases/tag/v1.25.0	Release Notes
https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr	Exploit Vendor Advisory
https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudcli:cloud_cli:*:*:*:*:*:*:*:*

History

20 Mar 2026, 16:17

Type	Values Removed	Values Added
First Time		Cloudcli cloud Cli Cloudcli
References	~~() https://github.com/siteboon/claudecodeui/commit/12e7f074d9563b3264caf9cec6e1b701c301af26 -~~	() https://github.com/siteboon/claudecodeui/commit/12e7f074d9563b3264caf9cec6e1b701c301af26 - Patch
References	~~() https://github.com/siteboon/claudecodeui/releases/tag/v1.25.0 -~~	() https://github.com/siteboon/claudecodeui/releases/tag/v1.25.0 - Release Notes
References	~~() https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr -~~	() https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr - Exploit, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
Summary		(es) Cloud CLI (también conocida como Claude Code UI) es una interfaz de usuario de escritorio y móvil para Claude Code, Cursor CLI, Codex y Gemini-CLI. Antes de la versión 1.25.0, existía una inyección de comandos del sistema operativo (OS Command Injection) a través de WebSocket Shell. Tanto projectPath como initialCommand en servidor/index.js se toman directamente de la carga útil del mensaje de WebSocket y se interpolan en una cadena de comandos bash sin ninguna sanitización, lo que permite la ejecución arbitraria de comandos del sistema operativo. Existe un vector de inyección secundario a través de un sessionId no sanitizado. Esta vulnerabilidad se corrige en la versión 1.25.0.
CPE		cpe:2.3:a:cloudcli:cloud_cli::::::::

12 Mar 2026, 14:16

Type	Values Removed	Values Added
References	~~() https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr -~~	() https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr -

11 Mar 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-11 18:16

Updated : 2026-03-20 16:17

NVD link : CVE-2026-31975

Mitre link : CVE-2026-31975

CVE.ORG link : CVE-2026-31975

JSON object : View

Products Affected

cloudcli

cloud_cli

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

9.8 /10