Home / AI & Machine Learning

Photo of person at computer, cryptocurrency, network
Image: via image.theregister.com
AI & Machine Learning

AI Coding Assistants Vulnerable to Remote Code Execution

WireByte Staff · July 8, 2026

At least six widely used AI coding assistants, including Amazon Q Developer and Google Antigravity, contain a 'GhostApproval' vulnerability that can be exploited for remote code execution. The issue has been patched by Amazon, Cursor, and Google, but not by Augment and Windsurf, which have acknowledged the vulnerability. The flaw highlights the need for robust security measures in AI coding tools.

Key points

  • At least six AI coding assistants, including Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf, contain a 'GhostApproval' vulnerability.
  • The vulnerability allows for remote code execution on the developer's machine and has been deemed critical or high-severity by Amazon, Cursor, and Google.
  • Amazon, Cursor, and Google have patched the issue, while Augment and Windsurf have acknowledged the vulnerability but have not taken action.
  • The flaw highlights the need for robust security measures in AI coding tools, particularly in enterprises rushing to deploy code-writing agents.
  • The vulnerability has not been confirmed to be actively exploited in the wild, but it is considered a serious threat to enterprise security.

A recent discovery by Wiz, a Google-owned security firm, has revealed a 'GhostApproval' vulnerability in at least six widely used AI coding assistants. The vulnerability allows for remote code execution on the developer's machine, making it a critical issue for enterprises that rely on these tools.

The affected AI coding assistants include Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf. While Amazon, Cursor, and Google have patched the issue, Augment and Windsurf have acknowledged the vulnerability but have not taken action.

The 'GhostApproval' vulnerability highlights the need for robust security measures in AI coding tools, particularly in enterprises rushing to deploy code-writing agents. As Wiz threat researcher Maor Dokhanian noted, 'AI coding tools are routinely granted deep access to enterprise codebases and cloud environments.' This raises concerns about the trust-boundary gaps between users, AI agents, and local filesystems.

While there is no indication that the vulnerability is being actively exploited in the wild, it is considered a serious threat to enterprise security. As the use of AI coding assistants continues to grow, it is essential for developers and enterprises to prioritize security and implement robust measures to prevent such vulnerabilities.

Sources

WireByte Staff — Editorial Team

The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.