{"data":{"id":"e0351eaa-89cc-4f77-9d6e-744f42bfdbed","title":"CVE-2026-30304: In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute al","summary":"AI Code has a feature that automatically runs terminal commands (direct instructions to a computer's operating system) if it thinks they're safe, but an attacker can use prompt injection (tricking an AI by hiding instructions in its input) to disguise malicious commands as safe ones, causing them to execute without user approval.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-30304","publishedAt":"2026-03-27T15:16:53.263Z","cveId":"CVE-2026-30304","cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["AI Code"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-27T15:16:53.263Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0051"]}}