Zero Day Monitor
9.6
CVE-2026-30304 · EXPLOITED
n/a · n/a

CVE-2026-30304: In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute al

Description

In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic template to wrap any malicious command and mislead the model into misclassifying it as a 'safe' command, thereby bypassing the user approval requirement and resulting in arbitrary command execution.

Affected Products

Vendor | Product | Versions
n/a | n/a | n/a

References

  • https://marketplace.visualstudio.com/items?itemName=tianguaduizhang.claude-dev-china
  • https://github.com/Secsys-FDU/LLM-Tool-Calling-CVEs/issues/2

Related News (1 articles)

Tier C
VulDB · 8h ago
CVE-2026-30304 | AI Code Terminal Command injection
→ No new info (linked only)
CVSS 3.1: 9.6 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA KEV: ❌ No
Actively exploited: ✅ Yes
Published: 3/27/2026
Last enriched: 7h ago (v2)
Trending Score: 61
Source articles: 1
Independent: 1
Info Completeness: 6/14
Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack


Verification

State: unverified
Confidence: 0%

Version History

v2 · Tier C · 7h ago

Updated vendor to AI Code, product to Terminal Command Handler, severity to CRITICAL, and noted that the vulnerability is actively exploited.

description · severity · activelyExploited
via VulDB
v1 · 8h ago

Initial creation