CVE-2026-30312
Received Received - Intake
OS Command Injection in DSAI-Cline Auto-Approval Enables RCE

Publication date: 2026-03-31

Last updated on: 2026-04-01

Assigner: MITRE

Description
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on string-based parsing to validate commands; while it intercepts dangerous operators such as ;, &&, ||, |, and command substitution patterns, it fails to account for raw newline characters embedded within the input. An attacker can construct a payload by embedding a literal newline between a whitelisted command and malicious code (e.g., git log malicious_command), forcing DSAI-Cline to misidentify it as a safe operation and automatically approve it. The underlying PowerShell interpreter treats the newline as a command separator, executing both commands sequentially, resulting in Remote Code Execution without any user interaction.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-31
Last Modified
2026-04-01
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-14
NVD
CVE-2026-30312
EUVD
EUVD-2026-17425
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in DSAI-Cline's command auto-approval module, which is designed to automatically approve certain commands based on a whitelist. The module attempts to block dangerous command operators like ;, &&, ||, |, and command substitution patterns by parsing the input as a string.

However, it fails to detect raw newline characters embedded within the input. An attacker can exploit this by inserting a newline between a whitelisted command and malicious code. Because the system does not recognize the newline as a separator, it mistakenly treats the entire input as safe and auto-approves it.

The underlying PowerShell interpreter then executes the commands sequentially, interpreting the newline as a command separator. This leads to remote code execution without any user interaction.

Impact Analysis

This vulnerability allows an attacker to execute arbitrary commands remotely on the affected system without requiring user interaction.

Because the whitelist security mechanism is bypassed, malicious commands can run with the same privileges as the auto-approval module, potentially leading to full system compromise.

The impact includes unauthorized access, data theft, system manipulation, installation of malware, and disruption of services.

Compliance Impact

The vulnerability allows remote code execution without user interaction by bypassing the whitelist security mechanism. This can lead to unauthorized access, data breaches, and potential manipulation or exfiltration of sensitive information.

Such unauthorized access and potential data compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls to protect personal and sensitive data.

However, the provided information does not explicitly detail the direct effects on compliance frameworks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30312. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart