Vulnerability Description
Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Versions prior to 1.25.0 are vulnerable to OS command injection through the WebSocket shell endpoint: both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into a bash command string without any sanitization, so a client that can send a shell message can execute arbitrary OS commands with the privileges of the server process. A secondary injection vector exists through an unsanitized sessionId. The vulnerability is fixed in 1.25.0.
CVSS Score
9.8 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cloudcli | Cloud Cli | < 1.25.0 |
Related Weaknesses (CWE)
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
References
- Patch: https://github.com/siteboon/claudecodeui/commit/12e7f074d9563b3264caf9cec6e1b701
- Release Notes: https://github.com/siteboon/claudecodeui/releases/tag/v1.25.0
- Vendor Advisory, Exploit: https://github.com/siteboon/claudecodeui/security/advisories/GHSA-gv8f-wpm2-m5wr
FAQ
What is CVE-2026-31975?
CVE-2026-31975 is an OS command injection vulnerability in Cloud CLI (aka Claude Code UI) with a CVSS score of 9.8 (CRITICAL). Versions before 1.25.0 interpolate the projectPath, initialCommand and sessionId fields of a WebSocket message into a bash command string without sanitization; see the full description above.
How severe is CVE-2026-31975?
CVE-2026-31975 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-31975?
Yes. The issue is fixed in Cloud CLI 1.25.0; upgrade to that version or later. The fixing commit, the release notes and the vendor advisory are listed in the references section above. Affected products include: Cloudcli Cloud Cli (versions before 1.25.0).