| CVE-2026-40068 | high | 8.8 | 8.8 | 22d ago | Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution |
| CVE-2026-39861 | unknown | — | — | 1mo ago | Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace |
| CVE-2026-35603 | unknown | — | — | 1mo ago | Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows |
| CVE-2026-33068 | unknown | — | — | 2mo ago | Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File |
| CVE-2026-25725 | unknown | — | — | 4mo ago | Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json |
| CVE-2026-25724 | unknown | — | — | 4mo ago | Claude Code has Permission Deny Bypass Through Symbolic Links |
| CVE-2026-25723 | unknown | — | — | 4mo ago | Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions |
| CVE-2026-25722 | unknown | — | — | 4mo ago | Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection |
| CVE-2026-24887 | unknown | — | — | 4mo ago | Claude Code has a Command Injection in find Command Bypasses User Approval Prompt |
| CVE-2026-24053 | unknown | — | — | 4mo ago | Claude Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes |
| CVE-2026-24052 | unknown | — | — | 4mo ago | Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains |
| CVE-2026-21852 | unknown | — | — | 4mo ago | Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation |
| CVE-2025-66032 | unknown | — | — | 6mo ago | Claude Code Command Validation Bypass Allows Arbitrary Code Execution |
| CVE-2025-64755 | unknown | — | — | 6mo ago | @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes |
| CVE-2025-65099 | unknown | — | — | 6mo ago | Claude Code vulnerable to command execution prior to startup trust dialog |
| CVE-2025-59829 | unknown | — | — | 8mo ago | Claude Code permission deny bypass through symlink |
| CVE-2025-59536 | unknown | — | — | 8mo ago | Claude Code can execute commands prior to the startup trust dialog |
| CVE-2025-59828 | unknown | — | — | 8mo ago | Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions |
| CVE-2025-59041 | unknown | — | — | 9mo ago | Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email |
| CVE-2025-58764 | unknown | — | — | 9mo ago | Claude Code rg vulnerability does not protect against approval prompt bypass |
| CVE-2025-55284 | unknown | — | — | 9mo ago | Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code |
| CVE-2025-54795 | unknown | — | — | 10mo ago | Claude Code echo command allowed bypass of user approval prompt for command execution |
| CVE-2025-54794 | unknown | — | — | 10mo ago | Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access |
| CVE-2025-52882 | unknown | — | — | 11mo ago | Claude Code Improper Authorization via websocket connections from arbitrary origins |