Lucene search
K

55 matches found

CVE
CVE
added 2026/06/23 11:54 p.m.22 views

CVE-2026-7574

Anthropic Claude Desktop Cowork VM images (v1.1348.0–v1.2278.0) do not validate the contents of rootfs.img at time-of-use; only file presence and a version marker are checked. A local, unprivileged macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boot...

8.7CVSS6.5AI score0.00103EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 11:54 p.m.31 views

CVE-2026-7574 Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use

Anthropic Claude Desktop Cowork VM image handling confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0 validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local...

8.7CVSS0.00103EPSS
Exploits1References2
OSV
OSV
added 2026/06/20 6:47 p.m.5 views

MAL-2026-6260 Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.12 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References27
OSV
OSV
added 2026/06/12 8:57 p.m.11 views

MAL-2026-5717 Malicious code in claudechor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9cbb36cf7ed82685830b5d3a2b341bff9ef86e2688842d1f54259b2b6fb533 The package's bin entry reads installer-owned Claude credential files /.claude/.credentials.json and /.claude.json — written by Anthropic's official...

5.4AI score
Exploits0References5
The Hacker News
The Hacker News
added 2026/05/27 3:44 p.m.27 views

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/22 11:39 a.m.16 views

MAL-2026-4457 Malicious code in @tmecontinue/claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0813d6ca6de1573ab8f99aae08444e589f4c5751931e4b18812140f720b74239 Package self-describes as a 'Reverse-engineered Anthropic Claude Code CLI' and impersonates the legitimate @anthropic-ai/claude-code bin name...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 11:55 p.m.12 views

Malicious code in claude-internal-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a94a290c15f2b6cdaf351590455cd597bb2881f7bbcf1609fbfbd8031e491f Package name impersonates an internal Anthropic 'claude-' namespace and the description field self-identifies as 'Alex Birsan Style'...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 6:5 p.m.10 views

Malicious code in @bonsai-ai/claude-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad3b5646cf88b8eb5a7dbbec9fc2f1cfefcdf3a241d9604992e72c2f629889b9 Package published as @bonsai-ai/claude-code impersonates Anthropic's official @anthropic-ai/claude-code CLI. package.json sets author to 'Anthropic '...

5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.12 views

Anthropic Claude Code < 2.1.64 Sandbox Escape via Symlink Following (CVE-2026-39861)

The version of Anthropic Claude Code installed on the remote host is prior to 2.1.64. It is, therefore, affected by a sandbox escape vulnerability. - Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code...

10CVSS6.2AI score0.00518EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/21 6:51 p.m.8 views

1shot (>=0.0.1 <=0.0.9), @3030-labs/wotw (>=0.8.4 <=0.9.0) +376 more potentially affected by CVE-2026-39861 via @anthropic-ai/claude-code (>=0.2.126 <=2.1.63)

@anthropic-ai/claude-code NPM version =0.2.126, =0.0.1, =0.8.4, =1.0.0, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.1.18, =1.0.0, =0.4.0, =0.11.0 - @arach/hooked =1.1.1 and more Source cves: CVE-2026-39861 Source advisory: OSV:GHSA-VP62-R36R-9XQP...

10CVSS5.7AI score0.00518EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.2 views

Anthropic Claude Code < 2.1.2 Sandbox Escape via settings.json Injection (CVE-2026-25725)

The version of Anthropic Claude Code installed on the remote host is prior to 2.1.2. It is, therefore, affected by a sandbox escape vulnerability. The bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While th...

10CVSS6AI score0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.10 views

Anthropic Claude Code < 2.0.65 API Key Leak via Project Settings (CVE-2026-21852)

The version of Anthropic Claude Code installed on the remote host is prior to 2.0.65. It is, therefore, affected by an information disclosure vulnerability. A vulnerability in the project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirm...

7.5CVSS6.1AI score0.2297EPSS
Exploits2References2
NVD
NVD
added 2026/04/06 8:16 p.m.6 views

CVE-2026-35021

Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority CNA. It was determined that the affected code path cannot be triggered through normal usage of Claude Code...

0.00041EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/06 6:59 p.m.28 views

CVE-2026-35022

...

0.00596EPSS
Exploits0
CVE
CVE
added 2026/04/06 6:59 p.m.18 views

CVE-2026-35022

Anthropic Claude Code CLI and Claude Agent SDK are cited in multiple sources as vulnerable to an OS command injection in authentication helper execution. The underlying issue is that helper configuration values are executed with shell=true without input validation, allowing injection of shell met...

6.2AI score0.00596EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/06 6:59 p.m.4 views

CVE-2026-35022

...

5.8AI score0.00596EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/06 6:59 p.m.2 views

CVE-2026-35022

This CVE ID has been rejected by its CVE Numbering Authority CNA. It was determined that the -p flag behavior is documented in Anthropic's claude -h output with an explicit warning that non-interactive mode should only be used in trusted directories, making this intended and described behavior...

5.7AI score0.00596EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/06 6:59 p.m.30 views

CVE-2026-35021

...

0.00041EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/06 6:59 p.m.5 views

CVE-2026-35021

...

5.8AI score0.00041EPSS
Exploits0
Rows per page
Query Builder