Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

Anthropic Claude Code < 2.1.7 Permission Deny Bypass Through Symbolic Links (CVE-2026-25724)

The version of Anthropic Claude Code installed on the remote host is prior to 2.1.7. It is, therefore, affected by a permission bypass vulnerability. Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References2
Circl
Circl
added 2026/02/08 3:40 a.m.8 views

CVE-2026-25724

creationtimestamp| type| source ---|---|--- 2026-02-08 03:40:06+00:00| seen| https://gist.github.com/alon710/1c6b06029608bb23418dcb4699619f4d 2026-02-09 16:07:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3megtfbdmwi2v...

7.5CVSS5.1AI score0.00376EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/07 7:31 p.m.8 views

CVE-2026-25724

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file such as /etc/passwd and Claude Code had access to a...

7.5CVSS5.3AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/06 5:53 p.m.30 views

CVE-2026-25724 Claude Code Has Permission Deny Bypass Through Symbolic Links

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file such as /etc/passwd and Claude Code had access to a...

2.3CVSS0.00376EPSS
Exploits0References1
CVE
CVE
added 2026/02/06 5:53 p.m.24 views

CVE-2026-25724

Claude Code has a permission-deny bypass flaw via symbolic links. Prior to version 2.1.7, if access to a file (e.g., /etc/passwd) was denied but Claude Code could reach a symlink to that file, the tool could read the restricted file without enforcing the deny rule. The issue has been patched in v...

7.5CVSS5.4AI score0.00376EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/06 5:53 p.m.7 views

CVE-2026-25724 Claude Code Has Permission Deny Bypass Through Symbolic Links

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file such as /etc/passwd and Claude Code had access to a...

2.3CVSS5.4AI score0.00376EPSS
Exploits0References4
Rows per page
Query Builder