AI Chat Agent Vulnerability in Eclipse Theia Affects Workspace Security
CVE-2026-44688

8.4 HIGH

Key Information:

Vendor
CVE Published:
18 June 2026

What is CVE-2026-44688?

In Eclipse Theia prior to version 1.71.0, the AI chat agent included workspace file and directory names in its prompt context without distinguishing them from system instructions. Because of this, an attacker could create a malicious repository whose directory or file names were crafted to read as instructions; when the AI agent analyzed that workspace, it could inadvertently execute the attacker-controlled commands, a case of indirect prompt injection. Combined with other untrusted-workspace features, this enabled potential data exfiltration through several channels, including Markdown image rendering, as well as the execution of arbitrary commands via task definitions.

Affected Version(s)

Eclipse Theia 0 < 1.71.0

References

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Piotr Ryciak (https://gitlab.eclipse.org/void01).