Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/11/19 12:0 a.m.5 views

Claude Code 代码注入漏洞

Claude Code is an open source proxy coding tool from Anthropic. A code injection vulnerability exists in Claude Code versions prior to 1.0.39, which stems from the possibility of executing project code via the yarn plugin without the user having to accept the startup trust dialog in Yarn 3.0 and...

9.8CVSS7.2AI score0.00441EPSS
Exploits0References1
Veracode
Veracode
added 2025/11/06 9:18 a.m.9 views

Arbitrary Code Execution

@anthropic-ai/claude-code is vulnerable to Arbitrary Code Execution. The vulnerability is due to the automatic execution of Yarn plugins when running yarn --version, which allows an attacker to bypass the directory trust dialog and execute code before the user confirms trust in the directory...

9.8CVSS7.7AI score0.00341EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2025/09/24 6:57 p.m.2 views

Missing Authorization

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Missing Authorization via the...

7.7CVSS7.9AI score0.00341EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.4 views

Claude Code 安全漏洞

Claude Code is an open source proxy coding tool from Anthropic. A security vulnerability exists in versions prior to Claude Code 1.0.39, which stems from the Yarn plugin auto-execution and could lead to bypassing the directory trust dialog...

9.8CVSS6.5AI score0.00341EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 4:38 p.m.3 views

Malicious code in yarn-plugin-backstage (npm)

The package yarn-plugin-backstage was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 4:38 p.m.1 views

MAL-2025-46785 Malicious code in yarn-plugin-backstage (npm)

The package yarn-plugin-backstage was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder