VYPR

npm package

@siteboon/claude-code-ui

pkg:npm/%40siteboon/claude-code-ui

Vulnerabilities (2)

  • CVE-2026-31975Mar 11, 2026
    affected < 1.25.0fixed 1.25.0

    Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload an

  • CVE-2026-31861Mar 11, 2026
    affected < 1.24.0fixed 1.24.0

    Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to chi