Critical severity9.8NVD Advisory· Published Apr 27, 2026· Updated Apr 27, 2026

CVE-2026-30352

Description

A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.

Affected products

Leonvanzyl/Autocoderreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

autocoder.comnvd
leonvanzyl.comnvd
gist.github.com/syphonetic/e3bdee6c022b36d5ecb98fbf61284931nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000