CVE-2026-44211

CRITICAL NVD

CVSS Score 9.6

Severity CRITICAL

Published Jun 01, 2026

Vendor unknown

Description

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At time of publication, there are no publicly available patches.

References

https://github.com/cline/cline/security/advisories/GHSA-5c57-rqjx-35g2
https://github.com/cline/cline/security/advisories/GHSA-5c57-rqjx-35g2