GHSA-C4M7-2GWP-VW76 ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory .env

Impact A Remote Code Execution RCE vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that directory, it can lead to arbitrary code execution and potential system takeover. The vulnerability CWE-426: Untrusted Search Path & CWE-15...

Astra Linux - уязвимость в ktexteditor, kate

The LSP Language Server Protocol plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 attempts to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will attempt to run the LSP server binary in the directory of the...

Exploit for Code Injection in Anthropic Claude_Code

CVE-2025-59536 - the startup trust dialog implementation. Clau...

CVE-2025-65099

Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn plugins before the user accepted the startup trust dialog. Exploiting this would have required a us...

Claude Code vulnerable to command execution prior to startup trust dialog

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and yarnPath could be executed prior to the user accepting the risks of working in an untruste...

GHSA-5HHX-V7F6-X7GV Claude Code vulnerable to command execution prior to startup trust dialog

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and yarnPath could be executed prior to the user accepting the risks of working in an untruste...

Arbitrary Code Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via ya...

CVE-2025-65099

CVE-2025-65099 – Claude Code pre‑startup trust bypass via Yarn 3.x plugins is raised for Claude Code prior to 1.0.39. The issue allowed code execution from a project directory by exploiting Yarn 3.0+ plugins before the startup trust dialog was accepted. Affected scenario required running Claude C...

PT-2025-47513

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 1.0.39 Description Prior to version 1.0.39, Claude Code could be tricked into executing code contained in a project through Yarn plugins before the user accepted the startup trust dialog, when running on a machine...

Socket Firewall 代码问题漏洞

Socket Firewall is a firewall software from Socket Open Source. A code issue vulnerability exists in Socket Firewall versions prior to 0.15.5 that stems from the possibility of executing arbitrary code when running in an untrusted project directory, which could lead to bypassing malicious packet...

EUVD-2008-4091

Malware in sbrugna...

EUVD-2023-32625

Malicious code in bioql PyPI...

EUVD-2025-32229

Malicious code in bioql PyPI...

Arbitrary Code Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via th...

Claude Code can execute commands prior to the startup trust dialog

Due to a bug in the startup trust dialog implementation, Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update...

GHSA-4FGQ-FPQ9-MR3G Claude Code can execute commands prior to the startup trust dialog

Due to a bug in the startup trust dialog implementation, Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update...

CVE-2025-59536 Claude Code's startup trust dialog could lead to Command Execution attack

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires...

CVE-2025-59536 Claude Code's startup trust dialog could lead to Command Execution attack

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires...

CVE-2025-59536

Claude Code (Anthropic) versions before 1.0.111 are vulnerable to code injection due to a flaw in the startup trust dialog. An attacker could trick a user into starting Claude Code in an untrusted project directory, causing code from that project to execute before the user accepts the startup tru...

CVE-2025-59536 Claude Code's startup trust dialog could lead to Command Execution attack

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires...