5308 matches found
CVE-2026-31975
Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...
CVE-2026-31975
Cloud CLI (Claude Code UI) vulnerable to OS command injection via WebSocket, affecting claude-code-ui up to version 1.24.0. The root cause is direct interpolation of WebSocket payload values (projectPath and initialCommand) into a bash command string in server/index.js, with a secondary vector th...
CVE-2026-31975 Cloud CLI WebSocket shell injection
Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...
GO-2026-4661 Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave
Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave...
CVE-2026-32062
OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open ...
CVE-2026-32062
OpenClaw versions 2026.2.21-2 up to, but not including, 2026.2.22, and @openclaw/voice-call versions 2026.2.21 up to, but not including, 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold...
CVE-2026-32062 OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream
OpenClaw versions 2026.2.21-2 up to, but not including, 2026.2.22, and @openclaw/voice-call versions 2026.2.21 up to, but not including, 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold...
CVE-2026-32062
OpenClaw versions 2026.2.21-2 up to, but not including, 2026.2.22, and @openclaw/voice-call versions 2026.2.21 up to, but not including, 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold...
CVE-2026-32062
CVE-2026-32062 affects OpenClaw versions 2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call 2026.2.21 prior to 2026.2.22. The vulnerability arises from accepting media-stream WebSocket upgrades before stream validation, enabling unauthenticated remote clients to establish connections and hol...
EUVD-2026-11154
OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open ...
CVE-2026-32062 OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream
OpenClaw versions 2026.2.21-2 up to, but not including, 2026.2.22, and @openclaw/voice-call versions 2026.2.21 up to, but not including, 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold...
EUVD-2026-11281
@siteboon/claude-code-ui Vulnerable to Unauthenticated RCE via WebSocket Shell Injection...
Command Injection
Overview @siteboon/claude-code-ui is an A web-based UI for Claude Code CLI Affected versions of this package are vulnerable to Command Injection through the authenticateWebSocket process and unsanitized input in the WebSocket shell handler. An attacker can execute arbitrary operating system...
GHSA-GV8F-WPM2-M5WR @siteboon/claude-code-ui Vulnerable to Unauthenticated RCE via WebSocket Shell Injection
Security Advisory: Insecure Default JWT Secret + WebSocket Auth Bypass Enables Unauthenticated RCE via Shell Injection Download: cveclaudecodeuisubmissionv2.zip Submission Info | Field | Value | |-------|-------| | Package | @siteboon/claude-code-ui | | Ecosystem | npm | | Affected versions | =...
@siteboon/claude-code-ui Vulnerable to Unauthenticated RCE via WebSocket Shell Injection
Security Advisory: Insecure Default JWT Secret + WebSocket Auth Bypass Enables Unauthenticated RCE via Shell Injection Download: cveclaudecodeuisubmissionv2.zip Submission Info | Field | Value | |-------|-------| | Package | @siteboon/claude-code-ui | | Ecosystem | npm | | Affected versions | =...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.22 contained security vulnerabilities. These vulnerabilities stemmed from improper upgrade validation of the media stream WebSocket by OpenClaw and its component voice-call, which could allow...
Cloud CLI 操作系统命令注入漏洞
Cloud CLI is a multi-model AI programming assistant desktop and mobile interface open-sourced by Siteboon. Versions of Cloud CLI prior to 1.25.0 contained an operating system command injection vulnerability. This vulnerability stemmed from the projectPath and initialCommand parameters in the...
NoSQL Injection
Overview @feathersjs/mongodb is a Feathers MongoDB service adapter Affected versions of this package are vulnerable to NoSQL Injection via the id parameter in WebSocket requests, passed through getObjectId, which fails to perform type checking. An attacker can inject database queries by sending...
GHSA-P9XR-7P9P-GPQX Feathers has a NoSQL Injection via WebSocket id Parameter in MongoDB Adapter
Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch, update, remove. The transport layer performs no type checking on this argument. When the service uses the MongoDB adapter, these objects pass through getObjectId and land directly in the...
Feathers has a NoSQL Injection via WebSocket id Parameter in MongoDB Adapter
Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch, update, remove. The transport layer performs no type checking on this argument. When the service uses the MongoDB adapter, these objects pass through getObjectId and land directly in the...