CVE-2026-30615: A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim
Summary
Windsurf version 1.9544.26 has a prompt injection vulnerability (a technique where attackers hide malicious instructions in input to trick an AI system) that allows remote attackers to execute arbitrary commands on a victim's computer. When Windsurf processes attacker-controlled HTML content, it can be tricked into automatically registering a malicious MCP STDIO server (a communication interface for running code), giving attackers the ability to run commands without the user's knowledge.
Vulnerability Details
EPSS: 0.0%
April 15, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-30615
First tracked: April 15, 2026 at 02:09 PM
Classified by LLM (prompt v3) · confidence: 85%