Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/810201?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/810201?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.0", "type": "npm", "namespace": "@anthropic-ai", "name": "claude-code", "version": "1.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.1.84", "latest_non_vulnerable_version": "2.1.84", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101043?format=api", "vulnerability_id": "VCID-23v9-9bjh-xucf", "summary": "Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with `git config user.email`. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to version 1.0.105 or the latest version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67733", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67743", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67643", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67745", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59041" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59041", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59041" }, { "reference_url": "https://www.npmjs.com/package/@anthropic-ai/claude-code/v/1.0.105", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/package/@anthropic-ai/claude-code/v/1.0.105" }, { "reference_url": "https://github.com/advisories/GHSA-j4h9-wv2m-wrf7", "reference_id": "GHSA-j4h9-wv2m-wrf7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j4h9-wv2m-wrf7" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-j4h9-wv2m-wrf7", "reference_id": "GHSA-j4h9-wv2m-wrf7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-15T16:00:32Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-j4h9-wv2m-wrf7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376570?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.105" } ], "aliases": [ "CVE-2025-59041", "GHSA-j4h9-wv2m-wrf7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-23v9-9bjh-xucf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360544?format=api", "vulnerability_id": "VCID-58b9-dry7-m3ae", "summary": "Claude Code Vulnerable to Arbitrary Code Execution Due to Insufficient Startup Warning\nWhen Claude Code was started in a new directory, it displayed a warning asking, \"Do you trust the files in this folder?\". This warning did not properly document that selecting \"Yes, proceed\" would allow Claude Code to execute files in the folder without additional confirmation. This may not have been clear to a user so we have updated the warning to clarify this functionality. \n\nUsers on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version.\n\nThank you to https://hackerone.com/avivdon for reporting this issue!", "references": [ { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-ph6w-f82w-28w6", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-ph6w-f82w-28w6" }, { "reference_url": "https://github.com/advisories/GHSA-ph6w-f82w-28w6", "reference_id": "GHSA-ph6w-f82w-28w6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ph6w-f82w-28w6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376763?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.87", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.87" } ], "aliases": [ "GHSA-ph6w-f82w-28w6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58b9-dry7-m3ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82759?format=api", "vulnerability_id": "VCID-8hkg-9y7u-nuee", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the user to use ZSH and the ability to add untrusted content into a Claude Code context window. This issue has been patched in version 2.0.74.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07374", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07364", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07367", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07331", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24053" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24053", "reference_id": "CVE-2026-24053", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24053" }, { "reference_url": "https://github.com/advisories/GHSA-q728-gf8j-w49r", "reference_id": "GHSA-q728-gf8j-w49r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q728-gf8j-w49r" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-q728-gf8j-w49r", "reference_id": "GHSA-q728-gf8j-w49r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-03T21:22:17Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-q728-gf8j-w49r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38682?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.74" } ], "aliases": [ "CVE-2026-24053", "GHSA-q728-gf8j-w49r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hkg-9y7u-nuee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90646?format=api", "vulnerability_id": "VCID-9xnn-xb63-4kcy", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29787", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29789", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29805", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.2959", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64755" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64755", "reference_id": "CVE-2025-64755", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64755" }, { "reference_url": "https://github.com/advisories/GHSA-7mv8-j34q-vp7q", "reference_id": "GHSA-7mv8-j34q-vp7q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7mv8-j34q-vp7q" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-7mv8-j34q-vp7q", "reference_id": "GHSA-7mv8-j34q-vp7q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-24T17:16:40Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-7mv8-j34q-vp7q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35372?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.31" } ], "aliases": [ "CVE-2025-64755", "GHSA-7mv8-j34q-vp7q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9xnn-xb63-4kcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94898?format=api", "vulnerability_id": "VCID-aaxm-zy23-jqgk", "summary": "Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 1.0.93.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12213", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12193", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12215", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1212", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66032" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66032", "reference_id": "CVE-2025-66032", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66032" }, { "reference_url": "https://github.com/advisories/GHSA-xq4m-mc3c-vvg3", "reference_id": "GHSA-xq4m-mc3c-vvg3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xq4m-mc3c-vvg3" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-xq4m-mc3c-vvg3", "reference_id": "GHSA-xq4m-mc3c-vvg3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-12-03T19:11:23Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-xq4m-mc3c-vvg3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35784?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.93", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.93" } ], "aliases": [ "CVE-2025-66032", "GHSA-xq4m-mc3c-vvg3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aaxm-zy23-jqgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65925?format=api", "vulnerability_id": "VCID-bq1w-3v69-pbce", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this required the ability to execute commands through Claude Code with the \"accept edits\" feature enabled. This issue has been patched in version 2.0.55.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31173", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31171", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31188", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30977", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25723" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25723", "reference_id": "CVE-2026-25723", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25723" }, { "reference_url": "https://github.com/advisories/GHSA-mhg7-666j-cqg4", "reference_id": "GHSA-mhg7-666j-cqg4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mhg7-666j-cqg4" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-mhg7-666j-cqg4", "reference_id": "GHSA-mhg7-666j-cqg4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-06T18:40:45Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-mhg7-666j-cqg4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38867?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.55", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.55" } ], "aliases": [ "CVE-2026-25723", "GHSA-mhg7-666j-cqg4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bq1w-3v69-pbce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104669?format=api", "vulnerability_id": "VCID-d31d-gehk-27a7", "summary": "Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker to read arbitrary files, see the list of files open in the IDE, get selection and diagnostics events from the IDE, or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs, an attacker could get selection events, a list of open files, and a list of syntax errors. Claude released a patch for this issue on June 13th, 2025. Although Claude Code auto-updates when a user launch it and auto-updates the extensions, users should take the following steps, though the exact steps depend on one's integrated development environment (IDE). For VSCode, Cursor, Windsurf, VSCodium, and other VSCode forks, check the extension Claude Code for VSCode. Open the list of Extensions (View->Extensions), look for Claude Code for VSCode among installed extensions, update or uninstall any version prior to 1.0.24, and restart the IDE. For JetBrains IDEs including IntelliJ, PyCharm, and Android Studio, check the plugin Claude Code [Beta]. Open the Plugins list, look for Claude Code [Beta] among installed extensions, update or uninstall any version prior to 0.1.9, and restart the IDE.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.50135", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.50001", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66356", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66358", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52882" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52882", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52882" }, { "reference_url": "https://github.com/advisories/GHSA-9f65-56v6-gxw7", "reference_id": "GHSA-9f65-56v6-gxw7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9f65-56v6-gxw7" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-9f65-56v6-gxw7", "reference_id": "GHSA-9f65-56v6-gxw7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-24T20:43:30Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-9f65-56v6-gxw7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378614?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-58b9-dry7-m3ae" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-gcgy-28jg-6qcz" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-k1dd-n7pn-x3ar" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.24" } ], "aliases": [ "CVE-2025-52882", "GHSA-9f65-56v6-gxw7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d31d-gehk-27a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73011?format=api", "vulnerability_id": "VCID-eknb-tjkn-nucw", "summary": "Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code subsequently wrote to a path within such a symlink, its unsandboxed process followed the symlink and wrote to the target location outside the workspace without prompting the user for confirmation. This allowed a sandbox escape where neither the sandboxed command nor the unsandboxed app could independently write outside the workspace, but their combination could write to arbitrary locations, potentially leading to code execution outside the sandbox. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window to trigger sandboxed code execution via prompt injection. Users on standard Claude Code auto-update have received this fix automatically. Users performing manual updates are advised to update to version 2.1.64 or later.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37939", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37927", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37736", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37913", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39861" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39861", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39861" }, { "reference_url": "https://github.com/advisories/GHSA-vp62-r36r-9xqp", "reference_id": "GHSA-vp62-r36r-9xqp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vp62-r36r-9xqp" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vp62-r36r-9xqp", "reference_id": "GHSA-vp62-r36r-9xqp", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:44:29Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vp62-r36r-9xqp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/374147?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.1.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f9f-gms1-5qbb" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.1.64" } ], "aliases": [ "CVE-2026-39861", "GHSA-vp62-r36r-9xqp" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eknb-tjkn-nucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91168?format=api", "vulnerability_id": "VCID-gcgy-28jg-6qcz", "summary": "Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn plugins before the user accepted the startup trust dialog. Exploiting this would have required a user to start Claude Code in an untrusted directory and to be using Yarn 3.0 or above. This issue has been patched in version 1.0.39.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.3415", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34152", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34174", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33974", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65099" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65099", "reference_id": "CVE-2025-65099", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65099" }, { "reference_url": "https://github.com/advisories/GHSA-5hhx-v7f6-x7gv", "reference_id": "GHSA-5hhx-v7f6-x7gv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5hhx-v7f6-x7gv" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-5hhx-v7f6-x7gv", "reference_id": "GHSA-5hhx-v7f6-x7gv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-20T14:20:38Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-5hhx-v7f6-x7gv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33938?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.39", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-58b9-dry7-m3ae" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.39" } ], "aliases": [ "CVE-2025-65099", "GHSA-5hhx-v7f6-x7gv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcgy-28jg-6qcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74466?format=api", "vulnerability_id": "VCID-jngf-93ma-ufh5", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-controlled repository could include a settings file that sets ANTHROPIC_BASE_URL to an attacker-controlled endpoint and when the repository was opened, Claude Code would read the configuration and immediately issue API requests before showing the trust prompt, potentially leaking the user's API keys. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to version 2.0.65, which contains a patch, or to the latest version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.1031", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10293", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10261", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10315", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21852" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21852", "reference_id": "CVE-2026-21852", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21852" }, { "reference_url": "https://github.com/advisories/GHSA-jh7p-qr78-84p7", "reference_id": "GHSA-jh7p-qr78-84p7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jh7p-qr78-84p7" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-jh7p-qr78-84p7", "reference_id": "GHSA-jh7p-qr78-84p7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T21:34:19Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-jh7p-qr78-84p7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37954?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.65", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.65" } ], "aliases": [ "CVE-2026-21852", "GHSA-jh7p-qr78-84p7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jngf-93ma-ufh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71586?format=api", "vulnerability_id": "VCID-k12x-zwx4-vbdc", "summary": "Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\\ProgramData\\ClaudeCode\\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory was not pre-created or access-restricted, a low-privileged local user could create this directory and place a malicious configuration file that would be automatically loaded for any user launching Claude Code on the same machine. Exploiting this would have required a shared multi-user Windows system and a victim user to launch Claude Code after the malicious configuration was placed. This issue has been fixed on version 2.1.75.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01959", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01946", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0195", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01949", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35603" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "5.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35603", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "5.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35603" }, { "reference_url": "https://github.com/advisories/GHSA-5cwg-9f6j-9jvx", "reference_id": "GHSA-5cwg-9f6j-9jvx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5cwg-9f6j-9jvx" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-5cwg-9f6j-9jvx", "reference_id": "GHSA-5cwg-9f6j-9jvx", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-20T14:52:20Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-5cwg-9f6j-9jvx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/374231?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.1.75", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f9f-gms1-5qbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.1.75" } ], "aliases": [ "CVE-2026-35603", "GHSA-5cwg-9f6j-9jvx" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k12x-zwx4-vbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101167?format=api", "vulnerability_id": "VCID-k1dd-n7pn-x3ar", "summary": "Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to the user accepting the risks of working in an untrusted directory. Users running Yarn Classic were unaffected by this issue. This issue has been fixed in version 1.0.39. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59828", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2716", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27163", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26957", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27178", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59828" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2025-59828", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2025-59828" }, { "reference_url": "https://yarnpkg.com/advanced/plugin-tutorial", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://yarnpkg.com/advanced/plugin-tutorial" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59828", "reference_id": "CVE-2025-59828", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59828" }, { "reference_url": "https://github.com/advisories/GHSA-2jjv-qf24-vfm4", "reference_id": "GHSA-2jjv-qf24-vfm4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2jjv-qf24-vfm4" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-2jjv-qf24-vfm4", "reference_id": "GHSA-2jjv-qf24-vfm4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T19:48:56Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-2jjv-qf24-vfm4" }, { "reference_url": "https://osv.dev/vulnerability/GHSA-2jjv-qf24-vfm4", "reference_id": "GHSA-2jjv-qf24-vfm4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://osv.dev/vulnerability/GHSA-2jjv-qf24-vfm4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33938?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.39", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-58b9-dry7-m3ae" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.39" } ], "aliases": [ "CVE-2025-59828", "GHSA-2jjv-qf24-vfm4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1dd-n7pn-x3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/121384?format=api", "vulnerability_id": "VCID-kfbk-chhn-syeu", "summary": "Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been forced to update.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33402", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61608", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61604", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61612", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55284" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55284", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55284" }, { "reference_url": "https://github.com/advisories/GHSA-x5gv-jw7f-j6xj", "reference_id": "GHSA-x5gv-jw7f-j6xj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x5gv-jw7f-j6xj" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-x5gv-jw7f-j6xj", "reference_id": "GHSA-x5gv-jw7f-j6xj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-18T14:00:34Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-x5gv-jw7f-j6xj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377512?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-58b9-dry7-m3ae" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-d31d-gehk-27a7" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-gcgy-28jg-6qcz" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-k1dd-n7pn-x3ar" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-vge5-5hw7-x7ac" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.4" } ], "aliases": [ "CVE-2025-55284", "GHSA-x5gv-jw7f-j6xj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfbk-chhn-syeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83034?format=api", "vulnerability_id": "VCID-m35s-19cy-7fah", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of untrusted commands through the find command. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. This issue has been patched in version 2.0.72.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2122", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21212", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21234", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21039", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24887" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24887", "reference_id": "CVE-2026-24887", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24887" }, { "reference_url": "https://github.com/advisories/GHSA-qgqw-h4xq-7w8w", "reference_id": "GHSA-qgqw-h4xq-7w8w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qgqw-h4xq-7w8w" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-qgqw-h4xq-7w8w", "reference_id": "GHSA-qgqw-h4xq-7w8w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-03T21:19:31Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-qgqw-h4xq-7w8w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38687?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.72" } ], "aliases": [ "CVE-2026-24887", "GHSA-qgqw-h4xq-7w8w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m35s-19cy-7fah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100735?format=api", "vulnerability_id": "VCID-nnbh-d85s-9fcq", "summary": "Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.120.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20172", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20003", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20197", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59829" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59829", "reference_id": "CVE-2025-59829", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59829" }, { "reference_url": "https://github.com/advisories/GHSA-66m2-gx93-v996", "reference_id": "GHSA-66m2-gx93-v996", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-66m2-gx93-v996" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-66m2-gx93-v996", "reference_id": "GHSA-66m2-gx93-v996", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T20:24:19Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-66m2-gx93-v996" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34077?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.120", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.120" } ], "aliases": [ "CVE-2025-59829", "GHSA-66m2-gx93-v996" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnbh-d85s-9fcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65808?format=api", "vulnerability_id": "VCID-q4mz-ep5j-zqd9", "summary": "Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json was explicitly protected with read-only constraints, settings.json was not protected if it was missing. This allowed malicious code running inside the sandbox to create this file and inject persistent hooks (such as SessionStart commands) that would execute with host privileges when Claude Code was restarted. This issue has been patched in version 2.1.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.08011", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.08003", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.08006", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07977", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25725" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25725", "reference_id": "CVE-2026-25725", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25725" }, { "reference_url": "https://github.com/advisories/GHSA-ff64-7w26-62rf", "reference_id": "GHSA-ff64-7w26-62rf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ff64-7w26-62rf" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-ff64-7w26-62rf", "reference_id": "GHSA-ff64-7w26-62rf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-06T19:04:47Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-ff64-7w26-62rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38872?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.1.2" } ], "aliases": [ "CVE-2026-25725", "GHSA-ff64-7w26-62rf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4mz-ep5j-zqd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65624?format=api", "vulnerability_id": "VCID-s93j-6ywj-mkgp", "summary": "Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protection and create or modify files without user confirmation. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. This issue has been patched in version 2.0.57.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47997", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47982", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47841", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25722" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25722", "reference_id": "CVE-2026-25722", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25722" }, { "reference_url": "https://github.com/advisories/GHSA-66q4-vfjg-2qhh", "reference_id": "GHSA-66q4-vfjg-2qhh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-66q4-vfjg-2qhh" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-66q4-vfjg-2qhh", "reference_id": "GHSA-66q4-vfjg-2qhh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-06T18:41:50Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-66q4-vfjg-2qhh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38866?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.0.57", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.0.57" } ], "aliases": [ "CVE-2026-25722", "GHSA-66q4-vfjg-2qhh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s93j-6ywj-mkgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94150?format=api", "vulnerability_id": "VCID-tvbt-snyh-xybc", "summary": "Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to version 1.0.105 or the latest version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00683", "scoring_system": "epss", "scoring_elements": "0.7221", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00683", "scoring_system": "epss", "scoring_elements": "0.72217", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00683", "scoring_system": "epss", "scoring_elements": "0.72126", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00683", "scoring_system": "epss", "scoring_elements": "0.72222", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58764" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58764", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58764" }, { "reference_url": "https://github.com/advisories/GHSA-qxfv-fcpc-w36x", "reference_id": "GHSA-qxfv-fcpc-w36x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qxfv-fcpc-w36x" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-qxfv-fcpc-w36x", "reference_id": "GHSA-qxfv-fcpc-w36x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-09-11T14:27:25Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-qxfv-fcpc-w36x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376570?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.105" } ], "aliases": [ "CVE-2025-58764", "GHSA-qxfv-fcpc-w36x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvbt-snyh-xybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77897?format=api", "vulnerability_id": "VCID-tvxd-p441-5fa9", "summary": "Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set permissions.defaultMode to bypassPermissions in its committed .claude/settings.json, causing the trust dialog to be silently skipped on first open. This allowed a user to be placed into a permissive mode without seeing the trust confirmation prompt, making it easier for an attacker-controlled repository to gain tool execution without explicit user consent. This issue has been patched in version 2.1.53.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46816", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46812", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46672", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.4683", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33068" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33068", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33068" }, { "reference_url": "https://github.com/advisories/GHSA-mmgp-wc2j-qcv7", "reference_id": "GHSA-mmgp-wc2j-qcv7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mmgp-wc2j-qcv7" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-mmgp-wc2j-qcv7", "reference_id": "GHSA-mmgp-wc2j-qcv7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T13:48:28Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-mmgp-wc2j-qcv7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/374679?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.1.53", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.1.53" } ], "aliases": [ "CVE-2026-33068", "GHSA-mmgp-wc2j-qcv7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvxd-p441-5fa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100679?format=api", "vulnerability_id": "VCID-vfe2-d3w2-bbdq", "summary": "Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13722", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13697", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13605", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13723", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59536" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59536", "reference_id": "CVE-2025-59536", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59536" }, { "reference_url": "https://github.com/advisories/GHSA-4fgq-fpq9-mr3g", "reference_id": "GHSA-4fgq-fpq9-mr3g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4fgq-fpq9-mr3g" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-4fgq-fpq9-mr3g", "reference_id": "GHSA-4fgq-fpq9-mr3g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-03T13:26:09Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-4fgq-fpq9-mr3g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34076?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.111", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.111" } ], "aliases": [ "CVE-2025-59536", "GHSA-4fgq-fpq9-mr3g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfe2-d3w2-bbdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87785?format=api", "vulnerability_id": "VCID-vge5-5hw7-x7ac", "summary": "Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This is fixed in version 1.0.20.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.68213", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.68223", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.68124", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.68225", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54795" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54795", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54795" }, { "reference_url": "https://github.com/advisories/GHSA-x56v-x2h6-7j34", "reference_id": "GHSA-x56v-x2h6-7j34", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x56v-x2h6-7j34" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-x56v-x2h6-7j34", "reference_id": "GHSA-x56v-x2h6-7j34", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-05T14:21:40Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-x56v-x2h6-7j34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377473?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-23v9-9bjh-xucf" }, { "vulnerability": "VCID-58b9-dry7-m3ae" }, { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-aaxm-zy23-jqgk" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-d31d-gehk-27a7" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-gcgy-28jg-6qcz" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-k1dd-n7pn-x3ar" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvbt-snyh-xybc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-vfe2-d3w2-bbdq" }, { "vulnerability": "VCID-wz3k-jht3-wqd7" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.20" } ], "aliases": [ "CVE-2025-54795", "GHSA-x56v-x2h6-7j34" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vge5-5hw7-x7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82787?format=api", "vulnerability_id": "VCID-wz3k-jht3-wqd7", "summary": "Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a startsWith() function to validate trusted domains (e.g., docs.python.org, modelcontextprotocol.io), this could have enabled attackers to register domains like modelcontextprotocol.io.example.com that would pass validation. This could enable automatic requests to attacker-controlled domains without user consent, potentially leading to data exfiltration. This issue has been patched in version 1.0.111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04889", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04863", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04884", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04874", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24052" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24052", "reference_id": "CVE-2026-24052", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24052" }, { "reference_url": "https://github.com/advisories/GHSA-vhw5-3g5m-8ggf", "reference_id": "GHSA-vhw5-3g5m-8ggf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vhw5-3g5m-8ggf" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vhw5-3g5m-8ggf", "reference_id": "GHSA-vhw5-3g5m-8ggf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:00:03Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vhw5-3g5m-8ggf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34076?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@1.0.111", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8hkg-9y7u-nuee" }, { "vulnerability": "VCID-9xnn-xb63-4kcy" }, { "vulnerability": "VCID-bq1w-3v69-pbce" }, { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-jngf-93ma-ufh5" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-m35s-19cy-7fah" }, { "vulnerability": "VCID-nnbh-d85s-9fcq" }, { "vulnerability": "VCID-q4mz-ep5j-zqd9" }, { "vulnerability": "VCID-s93j-6ywj-mkgp" }, { "vulnerability": "VCID-tvxd-p441-5fa9" }, { "vulnerability": "VCID-zvre-m7v3-qygz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.111" } ], "aliases": [ "CVE-2026-24052", "GHSA-vhw5-3g5m-8ggf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wz3k-jht3-wqd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65683?format=api", "vulnerability_id": "VCID-zvre-m7v3-qygz", "summary": "Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file (such as /etc/passwd) and Claude Code had access to a symbolic link pointing to that file, it was possible for Claude Code to read the restricted file through the symlink without triggering deny rule enforcement. This issue has been patched in version 2.1.7.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19461", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19437", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19441", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19271", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25724" }, { "reference_url": "https://github.com/anthropics/claude-code", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/anthropics/claude-code" }, { "reference_url": "https://www.terra.security/blog/when-ai-becomes-the-attack-surface-lessons-from-discovering-cve-2026-25724", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.terra.security/blog/when-ai-becomes-the-attack-surface-lessons-from-discovering-cve-2026-25724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25724", "reference_id": "CVE-2026-25724", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25724" }, { "reference_url": "https://github.com/advisories/GHSA-4q92-rfm6-2cqx", "reference_id": "GHSA-4q92-rfm6-2cqx", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4q92-rfm6-2cqx" }, { "reference_url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-4q92-rfm6-2cqx", "reference_id": "GHSA-4q92-rfm6-2cqx", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:23:19Z/" } ], "url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-4q92-rfm6-2cqx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38868?format=api", "purl": "pkg:npm/%40anthropic-ai/claude-code@2.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eknb-tjkn-nucw" }, { "vulnerability": "VCID-k12x-zwx4-vbdc" }, { "vulnerability": "VCID-tvxd-p441-5fa9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@2.1.7" } ], "aliases": [ "CVE-2026-25724", "GHSA-4q92-rfm6-2cqx" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvre-m7v3-qygz" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540anthropic-ai/claude-code@1.0.0" }