MAL-2026-4609 Malicious code in mev-shield (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9783d5e48d62da6de516b1cf5d36474143528a9c6f33a86892ee558266a4e5ec The package advertises itself as an 'MEV protection layer for Ethereum trading bots' but does the opposite. On npm install, a postinstall script...

MAL-2026-4532 Malicious code in code-tool-langfuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13591fd81486fc2001b5c998ff87badefcb81f4c396aa43675a7280a6fed23cf The package installs a Claude Code Stop hook and patches OpenCode plugin code so that every future AI session's user prompts, assistant responses, to...

Improper Sandbox Protection

@anthropic-ai/claude-code is vulnerable to improper sandbox protection. The vulnerability is due to the sandbox failing to protect the .claude/settings.json file when it was absent at startup, which allows an attacker to create the file inside the sandbox and inject persistent hooks that execute...

Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json was explicitly protected with read-only constraints,...

GHSA-FF64-7W26-62RF Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json was explicitly protected with read-only constraints,...

CVE-2026-25725 Claude Code Has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json...

CVE-2026-25725

CVE-2026-25725 affects Claude Code prior to 2.1.2, where the bubblewrap sandbox failed to protect the .claude/settings.json file if it did not exist at startup. The parent directory was writable and .claude/settings.local.json was protected, but settings.json could be created inside the sandbox a...

CVE-2026-25725 Claude Code Has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json...

CVE-2026-25725 Claude Code Has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json...

EUVD-2026-5616

Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json...

Claude Code 安全漏洞

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 2.1.2 contained a security vulnerability. This vulnerability stemmed from the bubblewrap sandbox mechanism, which failed to properly protect the.claude/settings.json file whe...