3 matches found
CVE-2026-35020
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitrary commands by manipulating the TERMINAL environment variable. Attackers can inject shell...
CVE-2026-35020
creationtimestamp| type| source ---|---|--- 2026-04-06 21:20:59+00:00| seen| Telegram/8Tvza3k4qy2IjH2O3f59isxEIVitW69EvgGBkLG1GZexI3E 2026-04-07 06:00:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3miv42qcohd27 2026-04-30 04:37:07+00:00| seen|...
CVE-2026-35020
Rejected reason: This CVE ID has been rejected by the its CVE Numbering Authority CNA. It was determined that the attack requires an attacker to already control arbitrary environment variables, a level of access they consider functionally equivalent to code execution and outside the threat model ...