Lucene search
K

4 matches found

NVD
NVD
added 2026/05/27 9:16 p.m.13 views

CVE-2026-45136

claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...

8.6CVSS0.00188EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/27 8:48 p.m.12 views

EUVD-2026-32664

claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...

8.6CVSS5.9AI score0.00188EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

claude-code-cache-fix 代码注入漏洞

claude-code-cache-fix is a caching optimization tool developed by Chris Nighswonger. Versions 3.5.0 to 3.5.2 of claude-code-cache-fix had a code injection vulnerability. This vulnerability stemmed from the use of tools/quota-statusline.sh, which directly inserted the hook’s standard input payload...

8.6CVSS5.9AI score0.00188EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/13 3:31 p.m.10 views

Arbitrary Code Injection

Overview claude-code-cache-fix is a Cache optimization proxy and interceptor for Claude Code. Fixes prompt cache bugs, stabilizes prefix, reduces quota burn. Affected versions of this package are vulnerable to Arbitrary Code Injection via the tools/quota-statusline.sh process. An attacker can...

8.6CVSS6.1AI score0.00188EPSS
Exploits1References3
Rows per page
Query Builder