Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/05 1:22 a.m.6 views

CVE-2026-24053

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS5.3AI score0.00464EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 9:16 p.m.8 views

CVE-2026-24053

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS0.00464EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 8:49 p.m.2 views

CVE-2026-24053 Cluade Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS5.4AI score0.00464EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 8:49 p.m.4 views

CVE-2026-24053 Cluade Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS5.4AI score0.00464EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 8:49 p.m.6 views

CVE-2026-24053

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS5.4AI score0.00464EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/03 8:49 p.m.39 views

CVE-2026-24053

Claude Code (Anthropic) is vulnerable to a path restriction bypass prior to version 2.0.74 due to a Bash command validation flaw when parsing ZSH clobber syntax. This allows an attacker using ZSH and injecting untrusted content into a Claude Code context window to bypass directory restrictions an...

7.7CVSS5.4AI score0.00464EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-6464

Due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the user to use ZSH and the ability to add untrusted content into a...

7.7CVSS5.7AI score0.00464EPSS
Exploits0References4
Rows per page
Query Builder