VYPR
Critical severity9.6GHSA Advisory· Published Jun 1, 2026· Updated Jun 3, 2026

CVE-2026-44211

CVE-2026-44211

Description

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At time of publication, there are no publicly available patches.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
clinenpm
<= 2.13.0

Affected products

3
  • Cline/ClineGHSA2 versions
    <= 2.13.0+ 1 more
    • (no CPE)range: <= 2.13.0
    • cpe:2.3:a:cline:cline:*:*:*:*:*:*:*:*range: <=2.13.0
  • ghsa-coords
    Range: <= 2.13.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.