6 matches found

CNNVD
added 2026/02/03 12:0 a.m. | 4 views

Claude Code Cross-Site Scripting Vulnerability

Claude Code is an open-source proxy encoding tool developed by Anthropic. Versions of Claude Code prior to 2.0.74 contained a cross-site scripting vulnerability. This vulnerability stemmed from a Bash command validation flaw during the parsing of ZSH “clobber” syntax, which could allow bypassing...

7.7 CVSS | 5.7 AI score | 0.00025 EPSS
Exploits: 0 | References: 1
NVD
added 2025/12/03 7:15 p.m. | 1 views

CVE-2025-66032

Claude Code is an agentic coding tool. Prior to 1.0.93, due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted...

9.8 CVSS | 0.00039 EPSS
Exploits: 0 | References: 1
OSV
added 2025/12/03 4:27 p.m. | 11 views

GHSA-XQ4M-MC3C-VVG3 Claude Code Command Validation Bypass Allows Arbitrary Code Execution

Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on...

8.7 CVSS | 8 AI score | 0.00039 EPSS
Exploits: 0 | References: 3
GitHub Security Blog
added 2025/12/03 4:27 p.m. | 13 views

Claude Code Command Validation Bypass Allows Arbitrary Code Execution

Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on...

9.8 CVSS | 8.1 AI score | 0.00039 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
The Hacker News
added 2025/08/22 2:31 p.m. | 5 views

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a...

8.7 AI score
Exploits: 0
CNNVD
added 2021/11/15 12:0 a.m. | 3 views

Busybox Security Vulnerability

A security vulnerability exists in the Busybox hush applet, which stems from the shell's incorrect handling of the &&&& string in the Busybox hush applet, which was developed by Denis Vlasenko, a Ukrainian developer. An attacker could exploit this vulnerability to cause a denial of service and...

9.8 CVSS | 6.9 AI score | 0.02855 EPSS
Exploits: 0 | References: 11