CVE-2026-30310
Prompt Injection Vulnerability in Sixth Enables Arbitrary Command Execution
Publication date: 2026-03-31
Last updated on: 2026-04-01
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sixth | sixth | to 0.0.68 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-30310 is a remote code execution vulnerability in the Sixth software (version β€ 0.0.68). Sixth has a feature that automatically executes terminal commands in two modes: "Execute safe commands," where commands deemed safe by the model are run automatically, and "Execute all commands," which requires user approval for potentially destructive commands.
The vulnerability arises because the model that classifies commands as safe or potentially destructive is susceptible to prompt injection attacks. An attacker can craft malicious commands wrapped in a generic template that tricks the model into misclassifying them as safe commands. This bypasses the user approval step and allows the attacker to execute arbitrary commands remotely.
This issue is categorized as CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection).
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary terminal commands on a system running the vulnerable Sixth software without requiring user approval.
Such arbitrary command execution can lead to unauthorized access, data theft, system compromise, or disruption of services depending on the commands executed by the attacker.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves prompt injection attacks that cause the Sixth software to misclassify malicious commands as safe, leading to arbitrary command execution. Detection would involve monitoring for unusual or unauthorized command executions that bypass user approval.
Since the vulnerability exploits the model's command classification, detection might include auditing logs for commands executed without user approval or commands wrapped in suspicious templates designed to bypass checks.
No specific detection commands or tools are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The resources do not provide explicit mitigation steps for this vulnerability.
However, general best practices would include disabling automatic execution of commands classified as safe until a patch or update is available, enforcing strict user approval for all commands, and monitoring for suspicious command execution patterns.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the vulnerability in Sixth impacts compliance with common standards and regulations such as GDPR or HIPAA.