Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/29 2:4 p.m.31 views

CVE-2026-55607 Claude Code: Sandbox Escape via Git Worktree Path Confusion Allows Unsandboxed Code Execution

Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktrees named ".git" and navigation to worktrees outside the sandbox context, enabling git directory confusion attacks. By exploiting symlink manipulation and git fsmonitor...

7.7CVSS0.00765EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 8:52 p.m.37 views

EUVD-2026-27502

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...

7.7CVSS5.8AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2026/05/05 7:26 p.m.5 views

GHSA-PG4W-G64P-QWHJ gix and gitoxide's symlinked .gitmodules are followed and parsed from outside of the repository

Summary attachments: pocs.zip When Repository::submodules loads submodule metadata, it prefers the worktree .gitmodules file if that path exists. In the current implementation, the path is read with std::fs::read, which follows symlinks. As a result, a repository can present a symlinked .gitmodul...

8.7CVSS6.1AI score
Exploits0References2
GithubExploit
GithubExploit
added 2025/08/29 11:48 a.m.176 views

Exploit for Link Following in Git-Scm Git

CVE-2025-48384: Breaking git with a carriage return and clonin...

8CVSS7.2AI score0.02775EPSS
Exploits9
Rows per page
Query Builder