CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-59723

highCVSS 8.8covered by 1 sourcefirst seen 2026-07-08
Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. Prior to 3.0.30, the Cline Hub dashboard server launched by the cline dashboard command accepts WebSocket connections on the /browser endpoint without validating the Origin header, and when ROOM_SECRET is unset for local 127.0.0.1 binds, isAuthorizedBrowserRequest() allows attacker-controlled websites to send desktopCommand frames that read workspace state, mutate MCP and provider settings, and trigger command execution when a provider or model is configured. This issue is fixed in version 3.0.30.

⚡ Watch CVE-2026-59723

Get an email if CVE-2026-59723 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-59723

CVE.org record

Embed the live status

CVE-2026-59723 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-59723 status](https://www.csirts.com/badge/CVE-2026-59723)](https://www.csirts.com/cve/CVE-2026-59723)