@anthropic-ai/claude-code
17 known vulnerabilities · 0 critical · 0 high
Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection
Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace
Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation
Claude Code can execute commands prior to the startup trust dialog
Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows
Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code
Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions
Claude Code vulnerable to command execution prior to startup trust dialog
Claude Code Improper Authorization via websocket connections from arbitrary origins
Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json
Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File
Claude Code has a Command Injection in find Command Bypasses User Approval Prompt
Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains
Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions
Claude Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes
Claude Code Command Validation Bypass Allows Arbitrary Code Execution