453 matches found
EUVD-2025-29501
Malicious code in bioql PyPI...
EUVD-2025-23573
Malicious code in bioql PyPI...
EUVD-2025-27564
Malicious code in bioql PyPI...
EUVD-2025-23572
Malicious code in bioql PyPI...
EUVD-2025-19068
Malicious code in bioql PyPI...
CVE-2025-59829
CVE-2025-59829 affects Claude Code (Anthropic) prior to version 1.0.120. The root cause is improper handling of symbolic links when evaluating permission-deny rules, enabling a user-denied file to be accessed via a symlink pointing to that file. The issue is fixed in 1.0.120. Impact is exposure o...
CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink
Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...
EUVD-2025-32293
Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...
UNIX Symbolic Link (Symlink) Following
Overview: @anthropic-ai/claude-code is a tool for using Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink)...
GHSA-66M2-GX93-V996 Claude Code permission deny bypass through symlink
Claude Code failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update wil...
@4via6/relay (>=1.0.0 <=1.1.3), @axonpush/wizard (>=0.0.1 <=0.0.4) +13 more potentially affected by CVE-2025-59829 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.119)
@anthropic-ai/claude-code NPM version =0.2.126, =1.0.0, =0.0.1, =0.0.55, =2.13.0-canary.3413b9c, =1.0.0, =0.4.2, =0.0.1, =0.0.1, =1.8.0, =0.1.51, =1.4.0, =0.0.1, =0.0.1, =0.0.5 Source cves: CVE-2025-59829 Source advisory: OSV:GHSA-66M2-GX93-V996...
@circleci/agents (>=2.13.0-canary.3413b9c <=2.13.2-canary.8150572), @zed-industries/claude-code-acp (>=0.4.2 <=0.4.3) +1 more potentially affected by CVE-2025-59829 via @anthropic-ai/claude-code (>=1.0.108 <=1.0.119)
@anthropic-ai/claude-code NPM version =1.0.108, =2.13.0-canary.3413b9c, =0.4.2, =0.1.51, =0.1.56 Source cves: CVE-2025-59829 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-13299550...
Claude Code permission deny bypass through symlink
Claude Code failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update wil...
Arbitrary Code Injection
Overview: @anthropic-ai/claude-code is a tool for using Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via th...
@4via6/relay (>=1.0.0 <=1.1.3), @axonpush/wizard (>=0.0.1 <=0.0.4) +12 more potentially affected by CVE-2025-59536 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.108)
@anthropic-ai/claude-code NPM version =0.2.126, =1.0.0, =0.0.1, =0.0.55, =1.0.0, =0.0.1, =0.0.1, =1.8.0, =0.1.51, =1.4.0, =0.0.1, =0.0.1, =0.0.5 Source cves: CVE-2025-59536 Source advisory: OSV:GHSA-4FGQ-FPQ9-MR3G...
GHSA-4FGQ-FPQ9-MR3G Claude Code can execute commands prior to the startup trust dialog
Due to a bug in the startup trust dialog implementation, Claude Code could be tricked into executing code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update...
@circleci/agents (=2.13.2-canary.8150572), claude-code-webui (>=0.1.51 <=0.1.56) potentially affected by CVE-2025-59536 via @anthropic-ai/claude-code (=1.0.108)
@anthropic-ai/claude-code NPM version =1.0.108 is affected by a known vulnerability. The following packages have a transitive dependency on @anthropic-ai/claude-code and may be impacted: - @circleci/agents =2.13.2-canary.8150572 - claude-code-webui =0.1.51, =0.1.56 Source cves: CVE-2025-59536...
CVE-2025-59536
Claude Code (Anthropic) versions before 1.0.111 are vulnerable to code injection due to a flaw in the startup trust dialog. An attacker could trick a user into starting Claude Code in an untrusted project directory, causing code from that project to execute before the user accepts the startup tru...