CVE-2026-42074 OpenClaude: Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set ...

OpenClaude 安全漏洞

OpenClaude is an open-source coding assistant CLI developed by Gitlawb, which supports multiple backends. Prior to version 0.5.1, OpenClaude had a security vulnerability. This vulnerability stemmed from the dangerouslyDisableSandbox parameter being exposed in the BashTool input mode, and the...

OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

Summary The dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set it to true in any tooluse response. Combined with the default allowUnsandboxedCommands: true setting, a prompt-injecte...

NPM: OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

NPM: OpenClaude Sandbox Bypass via Model-Controlled dangerouslyDisableSandbox Input vulnerability discovered by ? in WordPress Npm openclaude versions 0.5.1...

PT-2026-40421

Name of the Vulnerable Software and Affected Versions openclaude versions prior to 0.5.1 Description A security issue exists where the dangerouslyDisableSandbox parameter is exposed within the BashTool input schema. This allows a Large Language Model LLM, which is considered an untrusted principa...