12 matches found
EUVD-2025-27563
Malicious code in bioql PyPI...
CVE-2025-58764
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...
CVE-2025-59041
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
CVE-2025-59041
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
CVE-2025-58764
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...
CVE-2025-59041 Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
CVE-2025-59041
CVE-2025-59041 affects Claude Code, an agentic coding tool. At startup, Claude Code constructed a shell command interpolating the value of git config user.email, enabling arbitrary code execution if the configuration is maliciously crafted before the workspace trust dialog is accepted. The issue ...
CVE-2025-59041 Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
CVE-2025-59041 Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
CVE-2025-58764 Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...
CVE-2025-58764 Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...
Claude Code 代码注入漏洞
Claude Code is an open source proxy coding tool from Anthropic. A code injection vulnerability exists in Claude Code versions prior to 1.0.105, which originates from a malicious user mailbox in the git configuration could lead to arbitrary code execution...