top of page
perceptive_background_267k.jpg

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerabi…

Published:

31 May 2026 at 22:00:00

Alert date:

1 June 2026 at 18:04:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

CVE-2026-44211 affects Cline, an autonomous coding agent available as SDK, IDE extension, or CLI assistant. Versions 2.13.0 and prior contain a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. The vulnerability allows attackers to hijack WebSocket connections across different origins. No publicly available patches exist at the time of publication. The issue impacts the security of Cline's server component used for Kanban functionality. Users should consider mitigating measures until patches become available.

Technical details

Mitigation steps:

Affected products:

Cline

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-44211
https://github.com/cline/cline/security/advisories/GHSA-5c57-rqjx-35g2

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page