
453 matches found

Cvelist
added 2025/08/16 1:27 a.m., 7 views

CVE-2025-55284 Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code

Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires th...

7.1 CVSS, 0.00431 EPSS
Exploits 0, References 1
CVE
added 2025/08/16 1:27 a.m., 21 views

CVE-2025-55284

Claude Code prior to 1.0.4 contains an overly broad default allowlist of safe commands, enabling reading a local file and exfiltrating its contents over the network without user confirmation if untrusted content is injected into the Claude Code context window. The root cause is a permissive allow...

7.5 CVSS, 7.2 AI score, 0.00431 EPSS
Exploits 0, References 1, Affected Software 1
CNNVD
added 2025/08/16 12:0 a.m., 2 views

Claude Code OS Command Injection Vulnerability

Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 1.0.4, which stems from an overly broad list of allowed security commands that could lead to unacknowledged file reads and network transfe...

7.5 CVSS, 7.7 AI score, 0.00431 EPSS
Exploits 0, References 2
Positive Technologies
added 2025/08/16 12:0 a.m., 6 views

PT-2025-33516

Name of the Vulnerable Software and Affected Versions: Claude Code versions prior to 1.0.4 Claude Code versions prior to 1.0.24 Description: Claude Code is an agentic coding tool. Prior to version 1.0.4, it’s possible to bypass the confirmation prompts to read a file and then send file contents...

7.5 CVSS, 6.1 AI score, 0.00431 EPSS
Exploits 0, References 13
Wordfence Blog
added 2025/08/07 4:24 p.m., 7 views

Pushing Boundaries With Claude Code

Claude Code stormed onto the programming scene when Anthropic launched it in February of this year. It moved, what Andrej Karpathy has called "The Autonomy Slider" from around a three to a solid eight. What this means is that you can give Claude Code direction, it will come up with a plan to...

7 AI score
Exploits 0
RedhatCVE
added 2025/08/07 12:31 a.m., 4 views

CVE-2025-54795

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7 CVSS, 6.4 AI score, 0.00944 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/08/07 12:31 a.m., 8 views

CVE-2025-54794

Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of or ability t...

7.7 CVSS, 6.2 AI score, 0.00852 EPSS
Exploits 0, References 1
vulnersOsv
added 2025/08/05 1:42 a.m., 4 views

1shot (>=0.0.3 <=0.0.9), @4xian/ccapi (=1.0.6) +208 more potentially affected by CVE-2025-54795 +1 more via @anthropic-ai/claude-code (>=1.0.108 <=1.0.128)

@anthropic-ai/claude-code NPM version =1.0.108, =0.0.3, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.6.0-rc34, =1.0.0, =1.3.2-canary.5af7e49 - @chittycorp/chittychat =3.0.0 and more Source cves: CVE-2025-54795, CVE-2025-547954 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-11502065...

9.8 CVSS, 5.4 AI score, 0.00944 EPSS
Exploits 0
Snyk
added 2025/08/05 1:42 a.m., 4 views

Command Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Command Injection via improper...

8.8 CVSS, 7.9 AI score, 0.00944 EPSS
Exploits 0, References 2
NVD
added 2025/08/05 1:15 a.m., 5 views

CVE-2025-54795

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

9.8 CVSS, 0.00944 EPSS
Exploits 0, References 1
NVD
added 2025/08/05 1:15 a.m., 4 views

CVE-2025-54794

Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of or ability t...

9.1 CVSS, 0.00852 EPSS
Exploits 0, References 1
Cvelist
added 2025/08/05 12:8 a.m., 8 views

CVE-2025-54794 Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access

Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of or ability t...

7.7 CVSS, 0.00852 EPSS
Exploits 0, References 1
CVE
added 2025/08/05 12:8 a.m., 40 views

CVE-2025-54794

CVE-2025-54794 – Claude Code path validation bypass : Claude Code versions older than 0.2.111 expose a directory-restriction bypass due to a path validation flaw that uses prefix matching instead of canonical path comparison. Exploitation requires either a pre-existing or creatable directory shar...

9.1 CVSS, 6.4 AI score, 0.00852 EPSS
Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2025/08/05 12:8 a.m., 4 views

CVE-2025-54794 Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access

Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of or ability t...

7.7 CVSS, 6.2 AI score, 0.00852 EPSS
Exploits 0, References 1
CVE
added 2025/08/05 12:7 a.m., 20 views

CVE-2025-54795

CVE-2025-54795 affects Claude Code. Multiple connected sources confirm a command parsing error in versions below 1.0.20 that can bypass the in-application confirmation prompt and trigger execution of untrusted commands when attack content is fed into the Claude Code context window. Impacted data/...

9.8 CVSS, 6.7 AI score, 0.00944 EPSS
Exploits 0, References 1, Affected Software 1
OSV
added 2025/08/05 12:7 a.m., 5 views

CVE-2025-54795 Claude Code echo command allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7 CVSS, 7.1 AI score, 0.00944 EPSS
Exploits 0, References 3
Cvelist
added 2025/08/05 12:7 a.m., 7 views

CVE-2025-54795 Claude Code echo command allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7 CVSS, 0.00944 EPSS
Exploits 0, References 1
Vulnrichment
added 2025/08/05 12:7 a.m., 3 views

CVE-2025-54795 Claude Code echo command allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7 CVSS, 6.5 AI score, 0.00944 EPSS
Exploits 0, References 1
CNNVD
added 2025/08/05 12:0 a.m., 3 views

Claude Code OS Command Injection Vulnerability

Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 1.0.20, which stems from a command parsing error that could lead to the unacknowledged execution of untrusted commands...

9.8 CVSS, 7.3 AI score, 0.00944 EPSS
Exploits 0, References 2
CNNVD
added 2025/08/05 12:0 a.m., 4 views

Claude Code Path Traversal Vulnerability

Claude Code is an open source proxy coding tool from Anthropic. A path traversal vulnerability exists in versions of Claude Code prior to 0.2.111, which stems from path validation using prefix matching instead of canonical path comparison, which could lead to directory restriction bypass...

9.1 CVSS, 6.5 AI score, 0.00852 EPSS
Exploits 0, References 2