Prompt Injection Vulnerability in Windsurf by Ox Security
CVE-2026-30615

8HIGH

Key Information:

Vendor: Ox Security
Status: Windsurf
Vendor: CVE Published:; 15 April 2026

🔔 Create Ox Security Vulnerability Alert

What is CVE-2026-30615?

A prompt injection vulnerability exists in Windsurf 1.9544.26, enabling remote attackers to execute arbitrary commands on affected systems. The flaw arises when the application processes HTML content controlled by attackers. This can lead to unauthorized changes to the local MCP configuration, including the automatic enrollment of a malicious MCP STDIO server. If exploited, an attacker can execute commands as the user, alter MCP configurations persistently, and potentially access sensitive information. It's crucial for users of this software to audit their configurations and apply necessary updates to mitigate such risks.

References

https://www.ox.security/blog/mcp-supply-chain-advisory-rc...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Mar 4, 2026

CVE-2026-30615 Data

JSON