CVE-2026-31861
Command Injection in Cloud CLI Git-Config Endpoint Allows RCE
Publication date: 2026-03-11
Last updated on: 2026-03-17
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cloudcli | cloud_cli | < 1.24.0 (all releases before 1.24.0; 1.24.0 itself is fixed) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-31861 is a critical shell command injection vulnerability in Cloud CLI (also known as Claude Code UI) affecting versions up to and including 1.23.0. The flaw is in the /api/user/git-config endpoint: the user-supplied gitName and gitEmail values are interpolated into a command string that is handed to child_process.exec(), which runs it through the system shell. The only neutralisation applied is escaping of double quotes, so backticks, $( ) command substitution and backslash sequences (a user-supplied backslash in front of the escaped quote turns \" into \\", which closes the quoted string early) are still interpreted by the shell, and an authenticated attacker can execute arbitrary operating-system commands.
Exploitation requires network access to the endpoint and a valid JWT; an unauthenticated attacker could reach it only by chaining this bug with a separate flaw that allows JWT forgery. Successful exploitation yields remote code execution with the privileges of the user running the Node.js process.
How can this vulnerability impact me?
Successful exploitation gives full remote code execution (RCE) on the server running Cloud CLI, with the privileges of the Node.js process user. Because the endpoint writes git configuration, an attacker can also change the git identity the server uses, affecting every git operation it performs. In practice an attacker can:
- Execute arbitrary OS commands remotely.
- Modify git configuration globally on the server.
- Read and write files on the server.
- Install backdoors or malware.
- Perform lateral movement within the network.
- Exfiltrate sensitive data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Look for shell command executions originating from the /api/user/git-config endpoint whose gitName or gitEmail values contain characters that have no place in a name or e-mail address: backticks (`), $( ) command substitution, backslash sequences, and other shell metacharacters such as ; | &.
Because the injection rides on legitimate-looking git config commands, inspect process-execution records for git config invocations whose arguments carry such input, and for unexpected child processes (shells, curl, wget and the like) spawned by the Node.js server process.
Concretely:
- List what is running right now: ps aux | grep 'git config'. This only catches a process that is alive at the moment the command runs; for anything retrospective you need process-execution auditing (for example auditd execve records or EDR process telemetry) filtered on the Node.js server as the parent process.
- Inspect application or reverse-proxy logs for requests to /api/user/git-config whose gitName or gitEmail fields contain backticks, $( or backslashes.
- Use network monitoring or a WAF to capture and analyse HTTP requests to that endpoint for command-injection patterns (only possible where TLS is terminated in front of the application).
What immediate steps should I take to mitigate this vulnerability?
Upgrade Cloud CLI (Claude Code UI) to version 1.24.0 or later, where this vulnerability is fixed.
The fix replaces child_process.exec() with child_process.spawn() called with the program and an array of arguments, so no shell ever parses the user-supplied values (child_process.execFile() achieves the same).
If you cannot upgrade immediately, keep the /api/user/git-config endpoint off untrusted networks and limit it to trusted accounts. Note that the bug is reachable by any authenticated user, so "authenticated" on its own is not a sufficient restriction; also watch the endpoint for the indicators described under detection.
- Upgrade to version 1.24.0 or later of Cloud CLI (Claude Code UI).
- Where a release upgrade is not yet possible, apply the upstream patch that replaces the exec() calls with spawn() (array arguments) for the git config commands.
- Restrict network access to the vulnerable endpoint and monitor it for suspicious activity.