CVE-2026-30310
Received Received - Intake
Prompt Injection Vulnerability in Sixth Enables Arbitrary Command Execution

Publication date: 2026-03-31

Last updated on: 2026-04-01

Assigner: MITRE

Description
In its design for automatic terminal command execution, Sixth offers two options: Execute safe commands and Execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic template to wrap any malicious command and mislead the model into misclassifying it as a 'safe' command, thereby bypassing the user approval requirement and resulting in arbitrary command execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-31
Last Modified
2026-04-01
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-14
NVD
CVE-2026-30310
EUVD
EUVD-2026-17410
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sixth sixth to 0.0.68 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how the vulnerability in Sixth impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-30310 is a remote code execution vulnerability in the Sixth software (version ≀ 0.0.68). Sixth has a feature that automatically executes terminal commands in two modes: "Execute safe commands," where commands deemed safe by the model are run automatically, and "Execute all commands," which requires user approval for potentially destructive commands.

The vulnerability arises because the model that classifies commands as safe or potentially destructive is susceptible to prompt injection attacks. An attacker can craft malicious commands wrapped in a generic template that tricks the model into misclassifying them as safe commands. This bypasses the user approval step and allows the attacker to execute arbitrary commands remotely.

This issue is categorized as CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection).

Impact Analysis

This vulnerability can allow an attacker to execute arbitrary terminal commands on a system running the vulnerable Sixth software without requiring user approval.

Such arbitrary command execution can lead to unauthorized access, data theft, system compromise, or disruption of services depending on the commands executed by the attacker.

Detection Guidance

This vulnerability involves prompt injection attacks that cause the Sixth software to misclassify malicious commands as safe, leading to arbitrary command execution. Detection would involve monitoring for unusual or unauthorized command executions that bypass user approval.

Since the vulnerability exploits the model's command classification, detection might include auditing logs for commands executed without user approval or commands wrapped in suspicious templates designed to bypass checks.

No specific detection commands or tools are provided in the available resources.

Mitigation Strategies

The resources do not provide explicit mitigation steps for this vulnerability.

However, general best practices would include disabling automatic execution of commands classified as safe until a patch or update is available, enforcing strict user approval for all commands, and monitoring for suspicious command execution patterns.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30310. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart