Exploit for CVE-2026-31862

Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related API endpoints use execAsync() with string interpolation of user-controlled parameters (file, branch, message, commit), allowing authenticated attackers to execute arbitrary OS commands. This vulnerability is fixed in 1.24.0.

Published: 2026-03-11

CVSS: 9.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Download Exploit for CVE-2026-31862 here:

http://zeroday3sv534ljdendaufcrorz67yg6iujdpaknp6zqgxaevb7okfid.onion/exploit-for-cve-2026-31862.774/

Use Tor Browser to access .onion site.

https://sonitex.com/exploit-748-cve-2025-67038/

https://sonitex.com/exploit-42-cve-2026-24956/

https://sonitex.com/exploit-175-cve-2026-2776/

https://sonitex.com/exploit-655-cve-2026-3747/