threatengine.sh
Product: anthropic claude code
26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE | Affected versions | CVSS | Severity | Summary
CVE-2026-40068 | >= 2.1.63 and < 2.1.84 | 8.8 | HIGH | In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file withou
CVE-2026-39861 | < 2.1.64 | 10.0 | CRITICAL | Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from cre
CVE-2026-35603 | < 2.1.75 | 7.3 | HIGH | Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configur
CVE-2026-35022 | <= 2.1.91 | n/a | Rejected | Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the -p flag behavior i
CVE-2026-35021 | <= 2.1.91 | n/a | Rejected | Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the affected code path
CVE-2026-35020 | <= 2.1.91 | n/a | Rejected | Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the attack require
CVE-2026-33068 | < 2.1.53 | 8.8 | HIGH | Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the re
CVE-2026-25725 | < 2.1.2 | 10.0 | CRITICAL | Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly pr
CVE-2026-25724 | < 2.1.7 | 7.5 | HIGH | Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in set
CVE-2026-25723 | < 2.0.55 | 6.5 | MEDIUM | Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed o
CVE-2026-25722 | < 2.0.57 | 9.1 | CRITICAL | Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when com
CVE-2026-24887 | < 2.0.72 | 8.8 | HIGH | Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error in command parsing, it was possible to bypass the
CVE-2026-24053 | < 2.0.74 | 6.5 | MEDIUM | Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber synta
CVE-2026-24052 | < 1.0.111 | 7.4 | HIGH | Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in its trusted
CVE-2026-21852 | < 2.0.65 | 7.5 | HIGH | Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious
CVE-2025-66032 | < 1.0.93 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. Prior to 1.0.93, due to errors in parsing shell commands related to $IFS and short CLI flag
CVE-2025-64755 | < 2.0.31 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass
CVE-2025-65099 | < 1.0.39 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code coul
CVE-2025-59829 | < 1.0.120 | 6.5 | MEDIUM | Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules.
CVE-2025-59536 | < 1.0.111 | 8.8 | HIGH | Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust
CVE-2025-59828 | < 1.0.39 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn p
CVE-2025-59041 | < 1.0.105 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior
CVE-2025-58764 | < 1.0.105 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass o
CVE-2025-55284 | < 1.0.4 | 7.5 | HIGH | Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to rea
CVE-2025-54795 | < 1.0.20 | 9.8 | CRITICAL | Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claud
CVE-2025-54794 | < 0.2.111 | 9.1 | CRITICAL | Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonica
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin