CVE-2026-44691
Status: Received - Intake
Arbitrary Code Execution in Eclipse Theia

Publication date: 2026-06-18

Last updated on: 2026-06-18

Assigner: Eclipse Foundation

Description
In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files (e.g. .theia/tasks.json, .vscode/tasks.json) could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to execution of arbitrary commands with the user's privileges. In combination with AI chat features and a workspace .theia/settings.json that disabled tool confirmation, this could be triggered automatically by sending a message in the AI chat.
Meta Information
Published: 2026-06-18
Last Modified: 2026-06-18
Generated: 2026-06-19
AI Q&A: 2026-06-18
EPSS Evaluated: N/A
External records: NVD, EUVD
Affected Vendors & Products
Vendor: eclipse
Product: theia
Version / Range: up to 1.69.0 (excluding)
CWE
CWE-829: The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
AI Quick Actions
Executive Summary

Eclipse Theia versions prior to 1.69.0 have a vulnerability where custom task definitions in workspace files such as .theia/tasks.json or .vscode/tasks.json can be executed without requiring workspace trust.

An attacker can exploit this by creating a malicious repository that, when cloned and opened in Theia, causes arbitrary commands to be executed with the user's privileges.

This vulnerability can be triggered automatically if AI chat features are used and a workspace .theia/settings.json disables tool confirmation, allowing commands to be executed simply by sending a message in the AI chat.

Impact Analysis

This vulnerability allows an attacker to execute arbitrary commands on your system with your user privileges by simply opening a malicious repository in Eclipse Theia.

If combined with AI chat features and disabled tool confirmation, the attack can be triggered automatically without additional user interaction.

This could lead to unauthorized actions on your system, potentially compromising your data, system integrity, and security.

Detection Guidance

This vulnerability can be detected by checking whether your Eclipse Theia installation is a version prior to 1.69.0 and whether a workspace contains custom task definition files such as `.theia/tasks.json` or `.vscode/tasks.json`, which such versions execute without requiring workspace trust.

Additionally, inspect the workspace `.theia/settings.json` file to see if tool confirmation is disabled, which could allow automatic triggering of the vulnerability via AI chat features.

There are no specific commands provided in the available resources to detect this vulnerability directly on your system or network.
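The following script is an added example, not part of this advisory or of the Eclipse Theia project. It audits a freshly cloned folder before it is opened in a pre-1.69.0 Theia: it lists every task definition in the two workspace task files named above and flags entries in `.theia/settings.json` that look like a tool-confirmation switch set to off. It assumes the VS Code-style task format (a top-level `tasks` array with `label`, `type` and `command`) and, because the advisory does not name the confirmation setting, uses a labelled heuristic (any key containing "confirm" with a false-like value); the file contents in `demo()` are constructed.

```python
"""Pre-open audit of a cloned workspace for the files named in CVE-2026-44691.

Added example, not part of the advisory or of the Theia project. It reports the
task definitions a workspace would hand to Theia and any settings that appear
to disable tool confirmation, so both can be reviewed before the folder is
opened in an affected version.
"""
import json
import re
import tempfile
from pathlib import Path

# Workspace task files named in the advisory.
TASK_FILES = (".theia/tasks.json", ".vscode/tasks.json")
# Workspace settings file named in the advisory.
SETTINGS_FILE = ".theia/settings.json"
# Assumption: the advisory does not name the setting key, so any key containing
# "confirm" whose value is false-like is treated as a candidate for review.
CONFIRM_KEY_RE = re.compile(r"confirm", re.IGNORECASE)
FALSE_LIKE = (False, "never", "off")


def _load_jsonc(path: Path):
    """Load a JSON file, tolerating // line comments common in tasks.json.
    Returns (data, error) so an unparseable file is still reported."""
    text = path.read_text(encoding="utf-8")
    stripped = re.sub(r"^\s*//.*$", "", text, flags=re.MULTILINE)
    try:
        return json.loads(stripped), None
    except json.JSONDecodeError as exc:
        return None, str(exc)


def list_tasks(workspace):
    """Return one record per task definition found in the workspace task files."""
    tasks = []
    for rel in TASK_FILES:
        path = Path(workspace) / rel
        if not path.is_file():
            continue
        data, err = _load_jsonc(path)
        if err:
            # Unparseable file: still worth a manual look, so record it.
            tasks.append({"file": rel, "label": None, "type": None,
                          "command": None, "error": err})
            continue
        for task in (data or {}).get("tasks", []):
            if not isinstance(task, dict):
                continue
            tasks.append({"file": rel, "label": task.get("label"),
                          "type": task.get("type"),
                          "command": task.get("command"), "error": None})
    return tasks


def disabled_confirmations(workspace):
    """Return settings keys that look like a tool-confirmation switch set to off."""
    path = Path(workspace) / SETTINGS_FILE
    if not path.is_file():
        return {}
    data, err = _load_jsonc(path)
    if err or not isinstance(data, dict):
        return {}
    return {k: v for k, v in data.items()
            if CONFIRM_KEY_RE.search(k) and v in FALSE_LIKE}


def audit_workspace(workspace):
    """Summarise what the workspace would hand to Theia on open."""
    tasks = list_tasks(workspace)
    confirm = disabled_confirmations(workspace)
    return {
        "task_files": [rel for rel in TASK_FILES
                       if (Path(workspace) / rel).is_file()],
        "tasks": tasks,
        "disabled_confirmations": confirm,
        # Any repo-supplied task or confirmation change warrants review first.
        "review_before_open": bool(tasks) or bool(confirm),
    }


def demo():
    """Build a constructed sample workspace in a temp dir and audit it."""
    root = Path(tempfile.mkdtemp(prefix="theia-audit-"))
    (root / ".theia").mkdir()
    (root / ".vscode").mkdir()
    # Constructed sample files; the tasks only echo a string.
    (root / ".theia" / "tasks.json").write_text(json.dumps(
        {"tasks": [{"label": "setup", "type": "shell", "command": "echo setup"}]}))
    (root / ".vscode" / "tasks.json").write_text(
        '// constructed JSONC sample\n'
        '{"tasks": [{"label": "build", "type": "shell", "command": "echo build"}]}')
    (root / ".theia" / "settings.json").write_text(json.dumps(
        {"example.tool.confirm": False, "editor.tabSize": 2}))
    return audit_workspace(root)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run it against a clone (`audit_workspace("/path/to/clone")`) before opening the folder; a non-empty `tasks` list or `disabled_confirmations` map means the repository ships content that an affected Theia would act on without workspace trust, and the listed commands are the ones to read.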

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Eclipse Theia to version 1.69.0 or later, where the issue has been fixed.

Additionally, review and restrict the execution of custom task definitions in workspace files such as `.theia/tasks.json` and `.vscode/tasks.json` by enabling workspace trust features.

Ensure that the workspace `.theia/settings.json` does not disable tool confirmation, especially when using AI chat features, to prevent automatic execution of arbitrary commands.
