CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

Github Security Blog•added 2026/05/08 8:43 p.m.•14 views

Cline Kanban Server has a Cross-Origin WebSocket Hijacking Vulnerability

Summary The kanban npm package used by the cline CLI starts a WebSocket server on 127.0.0.1:3484 with no Origin header validation. Any website a developer visits can silently connect to the kanban server via WebSocket and: 1. Leak sensitive data in real-time: workspace filesystem paths, task...

9.6CVSS6.2AI score0.00154EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by