{"data":{"id":"50ca9ca7-e1c7-4479-a050-5fef7a43a48d","title":"CVE-2026-31975: Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1","summary":"Cloud CLI (a user interface for Claude Code and similar tools) had a critical vulnerability in versions before 1.25.0 where user inputs called projectPath, initialCommand, and sessionId were directly used to build system commands without filtering, allowing attackers to inject arbitrary OS commands (OS command injection, where an attacker tricks the system into running unauthorized commands) through WebSocket connections. This vulnerability has been patched in version 1.25.0.","solution":"Update Cloud CLI to version 1.25.0 or later, which fixes the OS command injection vulnerability.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-31975","publishedAt":"2026-03-11T18:16:27.177Z","cveId":"CVE-2026-31975","cweIds":["CWE-78"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Claude","Claude Code","Cursor CLI","Codex","Gemini-CLI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-11T18:16:27.177Z","capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}