CVE-2026-31861: Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1
Summary
Cloud CLI (a user interface for accessing Claude Code and similar tools) has a vulnerability in versions before 1.24.0: user input to the git configuration endpoint is not properly sanitized before being executed as part of a shell command. An authenticated attacker (someone with login access) could run arbitrary OS commands, because backticks, command substitution (`$()`), and backslashes are still interpreted by the shell inside the double-quoted strings.
Solution / Mitigation
This vulnerability is fixed in version 1.24.0. Users should update Cloud CLI to version 1.24.0 or later.
Vulnerability Details
EPSS: 0.0%
March 11, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-31861
First tracked: March 11, 2026 at 04:07 PM