{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31861", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-09T19:02:25.012Z", "datePublished": "2026-03-11T17:22:10.111Z", "dateUpdated": "2026-03-12T14:07:17.766Z"}, "containers": {"cna": {"title": "Shell Command Injection in Git Routes [CloudCLI UI]", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2"}, {"name": "https://github.com/siteboon/claudecodeui/commit/86c33c1c0cb34176725a38f46960213714fc3e04", "tags": ["x_refsource_MISC"], "url": "https://github.com/siteboon/claudecodeui/commit/86c33c1c0cb34176725a38f46960213714fc3e04"}, {"name": "https://github.com/siteboon/claudecodeui/releases/tag/v1.24.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/siteboon/claudecodeui/releases/tag/v1.24.0"}], "affected": [{"vendor": "siteboon", "product": "claudecodeui", "versions": [{"version": "< 1.24.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-11T17:22:10.111Z"}, "descriptions": [{"lang": "en", "value": "Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only \" is escaped, but backticks (`), $() command substitution, and \\ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0."}], "source": {"advisory": "GHSA-7fv4-fmmc-86g2", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T14:07:14.414700Z", "id": "CVE-2026-31861", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:07:17.766Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-31861", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T14:07:14.414700Z"}}}], "references": [{"url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:07:04.043Z"}}], "cna": {"title": "Shell Command Injection in Git Routes [CloudCLI UI]", "source": {"advisory": "GHSA-7fv4-fmmc-86g2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "siteboon", "product": "claudecodeui", "versions": [{"status": "affected", "version": "< 1.24.0"}]}], "references": [{"url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2", "name": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/siteboon/claudecodeui/commit/86c33c1c0cb34176725a38f46960213714fc3e04", "name": "https://github.com/siteboon/claudecodeui/commit/86c33c1c0cb34176725a38f46960213714fc3e04", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/siteboon/claudecodeui/releases/tag/v1.24.0", "name": "https://github.com/siteboon/claudecodeui/releases/tag/v1.24.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only \" is escaped, but backticks (`), $() command substitution, and \\ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-11T17:22:10.111Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31861", "state": "PUBLISHED", "dateUpdated": "2026-03-12T14:07:17.766Z", "dateReserved": "2026-03-09T19:02:25.012Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-11T17:22:10.111Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudcli:cloud_cli:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D084438-4C97-467F-8517-14FE6949B298", "versionEndExcluding": "1.24.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only \" is escaped, but backticks (`), $() command substitution, and \\ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0."}, {"lang": "es", "value": "Cloud CLI (tambi\u00e9n conocida como Claude Code UI) es una interfaz de usuario de escritorio y m\u00f3vil para Claude Code, Cursor CLI, Codex y Gemini-CLI. Antes de la versi\u00f3n 1.24.0, el endpoint /API/user/git-config construye comandos de shell interpolando valores de gitName y gitEmail proporcionados por el usuario en cadenas de comandos pasadas a child_process.exec(). La entrada se coloca entre comillas dobles y solo ' \" ' se escapa, pero los backticks (`), la sustituci\u00f3n de comandos $() y las secuencias \\ son todas interpretadas dentro de cadenas entre comillas dobles en bash. Esto permite a atacantes autenticados ejecutar comandos arbitrarios del sistema operativo a trav\u00e9s del endpoint de configuraci\u00f3n de git. Esta vulnerabilidad se corrige en la versi\u00f3n 1.24.0."}], "id": "CVE-2026-31861", "lastModified": "2026-03-17T19:06:41.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-11T18:16:24.887", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/siteboon/claudecodeui/commit/86c33c1c0cb34176725a38f46960213714fc3e04"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/siteboon/claudecodeui/releases/tag/v1.24.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/siteboon/claudecodeui/security/advisories/GHSA-7fv4-fmmc-86g2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.24.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "claudecodeui", "source": "cna", "vendor": "siteboon"}, "product": "claudecodeui", "vendor": "siteboon"}], "analysis": {"en": {"generated_at": "2026-03-17T20:44:12.431833+00:00", "value": {"mitigation_remediation": ["Upgrade Cloud CLI UI to version 1.24.0 or newer."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The issue affects the Siteboon:Claudecodeui product, specifically all releases prior to version 1.24.0. Any installation of the desktop or mobile UI that has not been upgraded to 1.24.0 or later is vulnerable.", "description_and_impact": "The vulnerability resides in the /api/user/git-config endpoint of Cloud CLI UI, which builds shell commands by interpolating user-supplied gitName and gitEmail values into child_process.exec() calls. Because only the double-quote character is escaped, backticks, $(), and backslashes are interpreted by Bash, enabling an authenticated attacker to inject and execute arbitrary OS commands. This results in remote code execution, giving the attacker full control over the system where the UI runs.", "risk_and_exploitability": "The CVSS score of 8.7 indicates high severity, and the EPSS score of less than 1% suggests the likelihood of widespread exploitation is currently low. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires authentication to the API, so an attacker must first compromise a legitimate user account. Once authenticated, the attacker can send a crafted request to the git-config endpoint to execute arbitrary commands on the host machine."}}}}, "created": "2026-03-12T09:57:38.779530+00:00", "updated": "2026-03-20T15:30:17.247567+00:00", "vendors": ["siteboon", "siteboon$PRODUCT$claudecodeui"]}