CVE-2026-31862

HIGH WAF: High

CVSS 8.8 Published: 2026-03-11

CWE-78

Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related API endpoints use execAsync() with string interpolation of user-controlled parameters (file, branch, message, commit), allowing authenticated attackers to execute arbitrary OS commands. This vulnerability is fixed in 1.24.0.

WAF Coverage Analysis

OS Command Injection High WAF Coverage

OWASP: A03:2021 Injection

932xxx - Remote Code Execution

Affected Software

Vendor	Product	Version
cloudcli	cloud_cli	up to 1.24.0

References

github.com (Release Notes)
github.com (Vendor Advisory)

Back to CVE Database