VYPR

npm package

cline

pkg:npm/cline

Malware

2 malicious versions on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (1)

  • CVE-2026-44211CriJun 1, 2026
    affected <= 2.13.0

    Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At time of publication, there are no publicly available patches.