top of page
perceptive_background_267k.jpg

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerabi…

Published:

31 mei 2026 om 22:00:00

Alert date:

1 juni 2026 om 18:04:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

CVE-2026-44211 affects Cline, an autonomous coding agent available as SDK, IDE extension, or CLI assistant. Versions 2.13.0 and prior contain a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. The vulnerability allows attackers to hijack WebSocket connections across different origins. No publicly available patches exist at the time of publication. The issue impacts the security of Cline's server component used for Kanban functionality. Users should consider mitigating measures until patches become available.

Technical details

Mitigation steps:

Affected products:

Cline

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-44211
https://github.com/cline/cline/security/advisories/GHSA-5c57-rqjx-35g2

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page