Lucene search
K

135 matches found

Github Security Blog
Github Security Blog
added 2026/02/06 7:2 p.m.9 views

Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protection and create or modify files without user confirmation. Reliabl...

9.1CVSS5.5AI score0.00357EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/06 6:15 p.m.30 views

CVE-2026-25722

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

9.1CVSS0.00357EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/06 5:52 p.m.5 views

CVE-2026-25722

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

7.7CVSS5.4AI score0.00357EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/06 5:52 p.m.23 views

CVE-2026-25722

CVE-2026-25722 affects Claude Code prior to version 2.0.57. The root cause is improper validation of directory changes during write operations to protected folders, allowing an attacker to use the cd command to navigate to sensitive directories (e.g., .claude) and bypass write protections to crea...

9.1CVSS5.4AI score0.00357EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/06 5:52 p.m.4 views

CVE-2026-25722 Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

7.7CVSS5.7AI score0.00357EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/06 5:52 p.m.7 views

CVE-2026-25722 Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

7.7CVSS5.4AI score0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/06 5:52 p.m.31 views

CVE-2026-25722 Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

7.7CVSS0.00357EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.12 views

PT-2026-6763

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.0.57 Description Claude Code, an agentic coding tool, did not properly validate directory changes when combined with write operations to protected folders. Utilizing the cd command to navigate into sensitive...

9.1CVSS5.5AI score0.00357EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.14 views

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information...

9.3CVSS7.3AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-12871

Malware in sbrugna...

7.2CVSS6.6AI score0.00337EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-20688

Malware in sbrugna...

4.9CVSS5.1AI score0.00664EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4287

Malware in sbrugna...

6.2CVSS6.4AI score0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4144

Malware in sbrugna...

4.4CVSS4.8AI score0.00288EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-7220

Malware in sbrugna...

5.5CVSS5.6AI score0.00362EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-28437

Malware in sbrugna...

6.9CVSS5.5AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9766

Malware in sbrugna...

9.3CVSS7.9AI score0.00561EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-26375

Malware in sbrugna...

5.5CVSS5.6AI score0.00129EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-7219

Malware in sbrugna...

5.5CVSS5.6AI score0.00362EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-36331

Malicious code in bioql PyPI...

9.3CVSS8.5AI score0.00118EPSS
Exploits0References1
NVD
NVD
added 2025/10/01 12:15 p.m.21 views

CVE-2022-50448

In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix warning without PTEMARKERUFFDWP compiled in When PTEMARKERUFFDWP not configured, it's still possible to reach pte marker code and trigger an warning. Add a few CONFIGPTEMARKERUFFDWP ifdefs to make sure the code won't...

5.5CVSS0.0015EPSS
Exploits0References3
Rows per page
Query Builder