785 matches found
@circleci/agents (>=2.13.0-canary.3413b9c <=2.13.2-canary.8150572), @zed-industries/claude-code-acp (>=0.4.2 <=0.4.3) +1 more potentially affected by CVE-2025-59829 via @anthropic-ai/claude-code (>=1.0.108 <=1.0.119)
@anthropic-ai/claude-code NPM version =1.0.108, =2.13.0-canary.3413b9c, =0.4.2, =0.1.51, =0.1.56 Source cves: CVE-2025-59829 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-13299550...
Claude Code permission deny bypass through symlink
Claude Code failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update wil...
GHSA-4FGQ-FPQ9-MR3G Claude Code can execute commands prior to the startup trust dialog
Due to a bug in the startup trust dialog implementation, Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update...
@4via6/relay (>=1.0.0 <=1.1.3), @axonpush/wizard (>=0.0.1 <=0.0.4) +12 more potentially affected by CVE-2025-59536 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.108)
@anthropic-ai/claude-code NPM version =0.2.126, =1.0.0, =0.0.1, =0.0.55, =1.0.0, =0.0.1, =0.0.1, =1.8.0, =0.1.51, =1.4.0, =0.0.1, =0.0.1, =0.0.5 Source cves: CVE-2025-59536 Source advisory: OSV:GHSA-4FGQ-FPQ9-MR3G...
@circleci/agents (=2.13.2-canary.8150572), claude-code-webui (>=0.1.51 <=0.1.56) potentially affected by CVE-2025-59536 via @anthropic-ai/claude-code (=1.0.108)
@anthropic-ai/claude-code NPM version =1.0.108 is affected by a known vulnerability. The following packages have a transitive dependency on @anthropic-ai/claude-code and may be impacted: - @circleci/agents =2.13.2-canary.8150572 - claude-code-webui =0.1.51, =0.1.56 Source cves: CVE-2025-59536...
Arbitrary Code Injection
Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via th...
CVE-2025-59536 Claude Code's startup trust dialog could lead to Command Execution attack
Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires...
CVE-2025-59536
Claude Code (Anthropic) versions before 1.0.111 are vulnerable to code injection due to a flaw in the startup trust dialog. An attacker could trick a user into starting Claude Code in an untrusted project directory, causing code from that project to execute before the user accepts the startup tru...
Claude Code 代码注入漏洞
Claude Code is an open source proxy coding tool from Anthropic. A code injection vulnerability exists in Claude Code versions prior to 1.0.111, which stems from a flaw in the implementation of the startup trust dialog box that could lead to a code injection attack...
Claude Code 安全漏洞
Claude Code is an open source proxy coding tool from Anthropic. A security vulnerability exists in Claude Code versions prior to 1.0.120 that stems from a failure to consider symbolic links when checking permission denial rules, which could lead to bypassing file access restrictions...
External Data Extraction Attacks against Retrieval-Augmented Large Language Models
In recent years, RAG has emerged as a key paradigm for enhancing large language models LLMs. By integrating externally retrieved information, RAG alleviates issues like outdated knowledge and, crucially, insufficient domain expertise. While effective, RAG introduces new risks of external data...
PT-2025-40539
Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 1.0.120 Description An issue existed where Claude Code did not properly handle symlinks when enforcing permission deny rules. Specifically, if a user blocked Claude Code’s access to a file, but Claude Code had...
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome's settings t...
CVE-2025-59828
Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...
CVE-2025-59828
Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...
CVE-2025-59828 Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions
Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...
CVE-2025-59828 Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions
Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...
CVE-2025-59828 Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions
Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...
1shot (>=0.0.3 <=0.0.9), @4xian/ccapi (=1.0.6) +210 more potentially affected by CVE-2025-59828 via @anthropic-ai/claude-code (>=1.0.108 <=1.0.24)
@anthropic-ai/claude-code NPM version =1.0.108, =0.0.3, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.6.0-rc34, =1.0.0, =1.3.2-canary.5af7e49 - @chittycorp/chittychat =3.0.0 and more Source cves: CVE-2025-59828 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-13109605...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +222 more potentially affected by CVE-2025-59828 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.24)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2025-59828 Source advisory: OSV:GHSA-2JJV-QF24-VFM4...