CVE-2026-47091

🗓️ 18 May 2026 19:45:55Reported by VulnCheckType

Path traversal in Claude HUD enables reading files via unvalidated transcript_path from stdin JSON; cache persists.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-47091	18 May 202619:45	–	attackerkb
CNNVD	Claude HUD 路径遍历漏洞	18 May 202600:00	–	cnnvd
Cvelist	CVE-2026-47091 Claude HUD 0.0.12 Path Traversal via transcript_path	18 May 202619:45	–	cvelist
EUVD	EUVD-2026-30800	18 May 202619:45	–	euvd
NVD	CVE-2026-47091	18 May 202620:16	–	nvd
Positive Technologies	PT-2026-41731	18 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-47091	5 Jun 202619:37	–	redhatcve
Vulnrichment	CVE-2026-47091 Claude HUD 0.0.12 Path Traversal via transcript_path	18 May 202619:45	–	vulnrichment

NVD

Vulners

Node

jarrodwatts claude_hudRange≤0.0.12claude_code

[
  {
    "defaultStatus": "affected",
    "vendor": "jarrodwatts",
    "product": "claude-hud",
    "repo": "https://github.com/jarrodwatts/claude-hud",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "semver",
        "lessThanOrEqual": "0.0.12"
      },
      {
        "status": "unaffected",
        "version": "234d9aad919b51326a43bcf90b45ae35c23afc30",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
github	www.github.com/jarrodwatts/claude-hud/issues/485
github	www.github.com/jarrodwatts/claude-hud/pull/487
github	www.github.com/jarrodwatts/claude-hud/commit/234d9aad919b51326a43bcf90b45ae35c23afc30
vulncheck	www.vulncheck.com/advisories/claude-hud-path-traversal-via-transcript-path

02 Jun 2026 19:09Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.13.3

CVSS 44.8

EPSS0.00015

SSVC

CWE-22