CVE-2026-30308
Received - Intake
Prompt Injection Vulnerability in HAI Build Code Generator Enables Arbitrary Command Execution

Publication date: 2026-03-30

Last updated on: 2026-04-08

Assigner: MITRE

Description
In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe commands and Execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic template to wrap any malicious command and mislead the model into misclassifying it as a 'safe' command, thereby bypassing the user approval requirement and resulting in arbitrary command execution.

Meta Information
Published: 2026-03-30
Last Modified: 2026-04-08
Generated: 2026-05-07
AI Q&A: 2026-03-31
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 1 associated CPE
Vendor: presidio
Product: hai_build
Version / Range: to 3.13.3 (inc)
CWE
CWE ID: CWE-94
Description: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in HAI Build Code Generator allows an attacker to bypass user approval and execute arbitrary commands by exploiting prompt injection attacks. This could lead to unauthorized access or manipulation of sensitive data or systems.

Such unauthorized command execution risks violating compliance requirements in standards like GDPR and HIPAA, which mandate strict controls over data access, integrity, and security. If exploited, this vulnerability could result in data breaches or unauthorized data processing, thereby impacting compliance with these regulations.


Can you explain this vulnerability to me?

The vulnerability exists in the HAI Build Code Generator's design for automatic terminal command execution. It offers two modes: one that executes only commands deemed safe by the model, and another that executes all commands. The safe mode is supposed to require user approval for potentially destructive commands. However, attackers can exploit this by using prompt injection attacks, wrapping malicious commands in a way that tricks the model into classifying them as safe. This bypasses the user approval step and allows arbitrary command execution.


How can this vulnerability impact me?

This vulnerability can lead to arbitrary command execution without user approval. An attacker exploiting this flaw could run malicious commands on the system, potentially leading to unauthorized access, data manipulation, system compromise, or other harmful effects depending on the commands executed.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability arises from the automatic execution of terminal commands by the HAI Build Code Generator, where malicious commands can bypass user approval by being misclassified as safe.

Immediate mitigation steps include disabling or restricting the automatic execution of commands, especially the 'Execute all commands' option, to ensure that potentially destructive commands always require explicit user approval.

Additionally, reviewing and updating the command classification logic to prevent prompt injection attacks and implementing strict input validation can help reduce the risk.
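
One way to restrict automatic execution, as an added example that is not HAI Build's own code: the model's 'safe' verdict is treated as advisory only, and a deterministic allowlist decides whether a command may run without user approval. The `decide` function, the allowlist contents and the sample commands are hypothetical and constructed for illustration.

```python
import re

# Characters that let one string carry a second command, a redirection,
# a quote or an expansion. Any of them forces manual approval.
SHELL_META = set(";&|<>`$(){}[]\\!*?~#'\"\n\r")
# Relative path or plain word: no leading "-" or "/", no ".." component.
SAFE_ARG = re.compile(r"(?!-)(?!/)(?!.*\.\.)[\w./-]+")

def _safe_args(args):
    return all(SAFE_ARG.fullmatch(a) for a in args)

def _ls(args):
    return all(re.fullmatch(r"-[alh1]+", a) or SAFE_ARG.fullmatch(a) for a in args)

def _cat(args):
    return bool(args) and _safe_args(args)

def _git(args):
    # Only read-only subcommands, and no option arguments at all.
    return bool(args) and args[0] in {"status", "diff", "log"} and _safe_args(args[1:])

def _pwd(args):
    return not args

# Hypothetical allowlist: exact binary names mapped to an argument validator.
VALIDATORS = {"ls": _ls, "cat": _cat, "git": _git, "pwd": _pwd}

def decide(command: str, model_says_safe: bool) -> str:
    """Return 'auto' (run without approval) or 'ask' (require the user).

    The model's verdict can only move a command towards 'ask'; it can never
    promote a command that the deterministic policy rejects.
    """
    if not model_says_safe:
        return "ask"
    if any(ch in SHELL_META for ch in command):
        return "ask"
    argv = command.split()
    if not argv:
        return "ask"
    check = VALIDATORS.get(argv[0])
    if check is None or not check(argv[1:]):
        return "ask"
    return "auto"

if __name__ == "__main__":
    # Constructed inputs; every one is labelled safe by the (untrusted) model.
    for cmd in ["git status", "ls -la src", "ls && rm -rf build", "cat ../.env"]:
        print(f"{cmd!r:24} -> {decide(cmd, model_says_safe=True)}")
```

Because the final decision never depends on text the model produced, injected instructions that change the model's classification cannot widen the set of commands that run unattended.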

