top of page
perceptive_background_267k.jpg

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerabi…

Published:

31 mei 2026 om 22:00:00

Alert date:

1 juni 2026 om 19:03:21

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Security Tools

Cline autonomous coding agent contains a cross-origin WebSocket hijack vulnerability in its Kanban servers affecting versions 2.13.0 and prior. The vulnerability impacts the SDK, IDE extension, and CLI assistant components. No publicly available patches exist at the time of publication. This represents an active security risk for development environments using Cline. The vulnerability could potentially allow attackers to hijack WebSocket connections across different origins.

Technical details

Mitigation steps:

Affected products:

Cline

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-44211
https://github.com/cline/cline/security/advisories/GHSA-5c57-rqjx-35g2

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page