Lucene search
+L

793 matches found

EUVD
EUVD
added 2026/06/29 2:3 p.m.8 views

EUVD-2026-40116

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...

4.4CVSS5.9AI score0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 2:3 p.m.36 views

CVE-2026-46406 Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...

4.4CVSS0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 2:3 p.m.30 views

CVE-2026-46406

CVE-2026-46406 affects @anthropic-ai/claude-code versions 2.1.59 through 2.1.128. The /copy command writes responses to a hardcoded, predictable path (/tmp/claude/response.md) with UID isolation, randomness, and symlink protections missing. The file is world-readable (0644) in a world-traversable...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-418 MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

9.6CVSS7.7AI score0.00371EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.24 views

PT-2026-52680

Name of the Vulnerable Software and Affected Versions Claude Code versions 2.1.38 through 2.1.162 Description Claude Code's worktree handling allows the creation of worktrees named ".git" and navigation to worktrees outside the sandbox context, enabling git directory confusion attacks. By...

8.8CVSS6.3AI score0.00765EPSS
Exploits0References16
Snyk
Snyk
added 2026/06/25 4:53 p.m.5 views

Insecure Temporary File

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Insecure Temporary File via the...

6.1CVSS6AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 4:53 p.m.3 views

GHSA-4VP2-6Q8C-PVQ2 @anthropic-ai/claude-code has an Insecure Temporary File in /copy Command that Enables Response Disclosure and Symlink-Based File Write

The Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable directory 0755, allowing any local user to read a privileged user's Clau...

4.4CVSS5.9AI score0.00149EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 4:43 a.m.20 views

Malicious code in anthropic-claude-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39eab369e2498da827d3bbd331effdf24b99ab28961e62da7328e4476e328876 Package anthropic-claude-latest claims to be an 'Official Anthropic Claude SDK wrapper' but ships no Anthropic SDK code; the README is for an unrelat...

6.5AI score
Exploits0References4
CVE
CVE
added 2026/06/23 11:54 p.m.34 views

CVE-2026-7574

Anthropic Claude Desktop Cowork VM images (v1.1348.0–v1.2278.0) do not validate the contents of rootfs.img at time-of-use; only file presence and a version marker are checked. A local, unprivileged macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boot...

8.7CVSS6.5AI score0.00103EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 11:54 p.m.42 views

CVE-2026-7574 Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use

Anthropic Claude Desktop Cowork VM image handling confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0 validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local...

8.7CVSS0.00103EPSS
Exploits1References2
NVD
NVD
added 2026/06/23 6:18 p.m.13 views

CVE-2026-54316

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

9.1CVSS0.00403EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:6 p.m.7 views

CVE-2026-54316

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS5.9AI score0.00403EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 5:6 p.m.61 views

CVE-2026-54316

CVE-2026-54316 (Claude Code) affects Claude Code versions 0.2.54–2.1.162, fixed in 2.1.163. The WebFetch tool allowed any path on the pre-approved domain huggingface.co, enabling an attacker-controlled repository path to be fetched without prompts or --allowedTools restrictions. If an attacker ca...

9.1CVSS5.9AI score0.00403EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/23 5:6 p.m.4 views

CVE-2026-54316 Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS6AI score0.00403EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 5:6 p.m.39 views

CVE-2026-54316 Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS0.00403EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.19 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References27
OSV
OSV
added 2026/06/20 6:47 p.m.9 views

MAL-2026-6260 Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References27
OSV
OSV
added 2026/06/19 5:37 p.m.14 views

MAL-2026-6232 Malicious code in free-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e5cf1276f4faf6de26e95f05cc2bb95d90c71473c20e9542c9e88c2d949dfb9 Package name 'free-claude' and author 'anthropic-claude' impersonate Anthropic's Claude product, with a README claiming to install the official Claud...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:37 p.m.11 views

Malicious code in free-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e5cf1276f4faf6de26e95f05cc2bb95d90c71473c20e9542c9e88c2d949dfb9 Package name 'free-claude' and author 'anthropic-claude' impersonate Anthropic's Claude product, with a README claiming to install the official Claud...

5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/06/18 6:35 p.m.10 views

Unsafe Dependency Resolution

Overview @theia/ai-claude-code is a Theia - Claude Code Integration Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Rows per page
Query Builder