Description
Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, the /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only " is escaped, but backticks (`), $() command substitution, and \ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0.
Published: 2026-03-11
Score: 8.7 High
EPSS: 6.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the /api/user/git-config endpoint of Cloud CLI UI, which builds shell commands by interpolating user‑supplied gitName and gitEmail values into child_process.exec() calls. Because only the double‑quote character is escaped, backticks, $(), and backslashes are interpreted by Bash, enabling an authenticated attacker to inject and execute arbitrary OS commands. This results in remote code execution, giving the attacker full control over the system where the UI runs.

Affected Systems

The issue affects the Siteboon:Claudecodeui product, specifically all releases prior to version 1.24.0. Any installation of the desktop or mobile UI that has not been upgraded to 1.24.0 or later is vulnerable.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the EPSS score of 6% suggests a moderate likelihood that exploitation will occur. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires authentication to the API, so an attacker must first compromise a legitimate user account. Once authenticated, the attacker can send a crafted request to the git-config endpoint to execute arbitrary commands on the host machine.

Generated by OpenCVE AI on June 18, 2026 at 10:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Cloud CLI UI to version 1.24.0 or newer.
  • Restrict or disable the /api/user/git-config endpoint for all users except those who need to use it, applying role‑based access control to limit the user base to trusted accounts.
  • Monitor application logs for unusual values in gitName or gitEmail parameters and trigger alerts on patterns that may indicate injection attempts.

Advisories
Source: Github GHSA
ID: GHSA-7fv4-fmmc-86g2
Title: @siteboon/claude-code-ui is Vulnerable to Shell Command Injection in Git Routes
History

Tue, 17 Mar 2026 19:15:00 +0000
  Values Removed: none
  Values Added:
    First Time appeared: Cloudcli; Cloudcli cloud Cli
    CPEs: cpe:2.3:a:cloudcli:cloud_cli:*:*:*:*:*:*:*:*
    Vendors & Products: Cloudcli; Cloudcli cloud Cli
    Metrics: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 12 Mar 2026 14:15:00 +0000
  Values Removed: none
  Values Added:
    Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 12 Mar 2026 10:15:00 +0000
  Values Removed: none
  Values Added:
    First Time appeared: Siteboon; Siteboon claudecodeui
    Vendors & Products: Siteboon; Siteboon claudecodeui

Wed, 11 Mar 2026 17:45:00 +0000
  Values Removed: none
  Values Added:
    Description: (the description text shown at the top of this record)
    Title: Shell Command Injection in Git Routes [CloudCLI UI]
    Weaknesses: CWE-94
    References: (none shown)
    Metrics: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-03-12T14:07:17.766Z
Reserved: 2026-03-09T19:02:25.012Z
Link: CVE-2026-31861

Vulnrichment

Updated: 2026-03-12T14:07:04.043Z

NVD

Status: Analyzed
Published: 2026-03-11T18:16:24.887
Modified: 2026-06-17T10:34:39.100
Link: CVE-2026-31861

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T10:30:05Z

Weaknesses
  • CWE-94: Improper Control of Generation of Code ('Code Injection')