top of page
perceptive_background_267k.jpg

In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the form…

Published:

26 March 2026 at 23:00:00

Alert date:

27 March 2026 at 21:04:38

Source:

nvd.nist.gov

Click to open the original link from this advisory

Emerging Technologies, Security Tools

CVE-2026-30304 affects AI Code's automatic terminal command execution feature. The vulnerability allows attackers to use prompt injection attacks to bypass safety mechanisms by wrapping malicious commands in templates that mislead the AI model into classifying them as 'safe' commands. This results in arbitrary command execution without user approval, circumventing the intended security controls in the 'Execute safe commands' mode.

Technical details

Mitigation steps:

Affected products:

AI Code

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-30304
https://github.com/Secsys-FDU/LLM-Tool-Calling-CVEs/issues/2
https://marketplace.visualstudio.com/items?itemName=tianguaduizhang.claude-dev-china

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page