CVE-2026-30304

Name of the Vulnerable Software and Affected Versions AI Code (affected versions not specified)

Description The software’s design, which includes options for executing safe and all commands, is susceptible to prompt injection attacks. The system is intended to automatically execute commands deemed safe by the model, while requiring user approval for potentially destructive commands. However, an attacker can use a template to disguise malicious commands as safe, bypassing the approval requirement and enabling arbitrary command execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.