Vulnerability in N/a

CVE-2026-30615

A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf processes attacker-controlled HTML content, malicious instructions can cause unauthorized modifi…

EPSS: 0.001 (20.3th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References