CVE-2026-30352

Description

A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.

References

• http://autocoder.com
• http://leonvanzyl.com
• https://gist.github.com/syphonetic/e3bdee6c022b36d5ecb98fbf61284931
• https://github.com/leonvanzyl/autocoder