Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/02/05 11:51 a.m.27 views

CVE-2026-23572 Improper Access Control in TeamViewer clients

Improper access control in the TeamViewer Full and Host clients Windows, macOS, Linux prior version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confirmation” configuration in a remote session. An exploit could result in unauthorized access prior to...

7.2CVSS0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.5 views

PT-2026-6466

Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of untrusted commands through the find command. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. Users on standard Claude...

8.8CVSS6AI score0.00562EPSS
Exploits1References4
Veracode
Veracodeadded 2025/10/23 8:19 a.m.5 views

Improper Input Validation

@anthropic-ai/claude-code is vulnerable to Improper Input Validation. The vulnerability is due to an error in command parsing that allows an attacker to bypass the confirmation prompt and trigger execution of untrusted commands by injecting malicious content into a Claude Code context window...

9.8CVSS7.5AI score0.00512EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/09/10 12:0 a.m.3 views

PT-2025-37055

Name of the Vulnerable Software and Affected Versions: Claude Code versions prior to 1.0.105 Description: Claude Code is an agentic coding tool. A flaw in command parsing allowed a bypass of the Claude Code confirmation prompt, potentially triggering the execution of untrusted commands...

8.7CVSS6.7AI score0.00512EPSS
Exploits0References7
Veracode
Veracodeadded 2025/08/21 11:33 a.m.4 views

Command Injection

@anthropic-ai/claude-code is vulnerable to Command Injection. The vulnerability is due to the confirmation prompt being bypassed, allowing execution of untrusted commands if malicious content is injected into the context window...

9.8CVSS7.4AI score0.00944EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/23 3:10 a.m.4 views

CVE-2023-21387

In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

4.4CVSS5.4AI score0.00102EPSS
Exploits0References1
OSV
OSVadded 2023/06/01 12:0 a.m.4 views

PUB-A-270403821

there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.1AI score0.0009EPSS
Exploits0References1
Rows per page
Query Builder