CVE-2026-30310: In its design for automatic terminal command execution, Sixth offers two options: Execute safe commands and Execute all
highvulnerabilityLLM-Specific
security
Summary
Sixth, an AI tool that can run terminal commands automatically, has a security flaw in its safety check feature. An attacker can use prompt injection (tricking the AI by hiding instructions in its input) to disguise harmful commands as safe ones, causing the AI to run them without asking the user for permission first.
Vulnerability Details
EPSS (30-day exploit probability)
EPSS: 0.0%
Disclosure Date
March 31, 2026
Classification
Attack Type
Prompt Injection
Attack SophisticationTrivial
Impact (CIA+S)
integrityavailability
Taxonomy References
MITRE ATLAS (AI/ML Threat Technique)
Affected Vendors
Related Issues
Monthly digest — independent AI security research
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-30310
First tracked: March 31, 2026 at 02:07 PM
Classified by LLM (prompt v3) · confidence: 85%