SB2026043040 - Multiple vulnerabilities in Claude Code

Published: April 30, 2026

Security Bulletin ID: SB2026043040
CSH Severity: High
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High: 100%

Description

This security bulletin contains information about 2 security vulnerabilities.


1) Code Injection (CVE-ID: CVE-2025-65099)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper control of code generation in Yarn config file handling when running yarn --version during Claude Code startup. A remote attacker can provide a specially crafted Yarn configuration to execute arbitrary code.

This can occur before the directory trust dialog is accepted, allowing a bypass of that trust check. User interaction is required.


2) Untrusted search path (CVE-ID: CVE-2025-59828)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper trust management in plugin autoloading and Yarn configuration handling when running yarn --version in an untrusted directory. A remote attacker can place a specially crafted Yarn configuration file to execute arbitrary code.

User interaction is required because exploitation occurs before the user accepts the risks of working in an untrusted directory.
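Both entries describe the same ordering problem: a project tool (yarn --version) is invoked with an untrusted directory as its working directory before the user has accepted that directory, so per-project Yarn configuration from that directory influences what runs. The following is an added example, not code from Claude Code or from Yarn, that models the defensive ordering: check trust first, refuse the probe if the directory is untrusted, and report which project-level Yarn config files (.yarnrc, .yarnrc.yml, which Yarn looks for in the working directory and its ancestors) the probe would have picked up. The function names, the trusted-directory list and the sample directory layout are all assumptions made for this example.

```python
"""Trust-gated tool probing (constructed example, not Claude Code's or Yarn's code).

A version probe such as `yarn --version` must not run with an untrusted
directory as its working directory: Yarn reads per-project configuration
from the working directory and its ancestors, so that configuration can
change what the probe executes. The trust check therefore has to come first.
"""
import subprocess
import sys
import tempfile
from pathlib import Path

# Project-level Yarn configuration files Yarn looks for in the cwd and its ancestors.
PROJECT_CONFIG_FILES = (".yarnrc", ".yarnrc.yml")


def is_trusted(workdir, trusted_dirs):
    """True if workdir is one of the trusted directories or lies beneath one."""
    wd = Path(workdir).resolve()
    for t in trusted_dirs:
        root = Path(t).resolve()
        if wd == root or root in wd.parents:
            return True
    return False


def find_project_configs(workdir):
    """List project-level Yarn config files in workdir and every ancestor.

    These are the files a probe run in workdir would be influenced by; a
    defender can log them when a probe is refused.
    """
    wd = Path(workdir).resolve()
    found = []
    for d in (wd, *wd.parents):
        for name in PROJECT_CONFIG_FILES:
            candidate = d / name
            if candidate.is_file():
                found.append(candidate)
    return found


def probe_tool_version(argv, workdir, trusted_dirs, timeout=10):
    """Run a version probe only after workdir has passed the trust check.

    Returns {"status": "refused", "configs": [...]} when workdir is untrusted
    (nothing is executed), {"status": "ok", "version": ...} on success, or
    {"status": "error", "detail": ...} if the tool fails or cannot be started.
    """
    if not is_trusted(workdir, trusted_dirs):
        return {"status": "refused", "configs": find_project_configs(workdir)}
    try:
        proc = subprocess.run(argv, cwd=workdir, capture_output=True,
                              text=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired) as exc:
        return {"status": "error", "detail": str(exc)}
    if proc.returncode != 0:
        return {"status": "error", "detail": proc.returncode}
    return {"status": "ok", "version": proc.stdout.strip()}


def demo():
    """Constructed layout: an untrusted clone carrying a .yarnrc.yml next to a trusted project.

    A harmless interpreter call stands in for `yarn --version` so the example
    runs without Yarn installed. Returns (refused_result, allowed_result).
    """
    with tempfile.TemporaryDirectory() as tmp:
        untrusted = Path(tmp) / "cloned-repo"
        untrusted.mkdir()
        # Placeholder content: only the file's presence matters for this example.
        (untrusted / ".yarnrc.yml").write_text("# project-level yarn config (placeholder)\n")
        trusted = Path(tmp) / "my-project"
        trusted.mkdir()
        stand_in = [sys.executable, "-c", "print('1.22.0')"]
        refused = probe_tool_version(stand_in, untrusted, [trusted])
        allowed = probe_tool_version(stand_in, trusted, [trusted])
        return refused, allowed


if __name__ == "__main__":
    refused, allowed = demo()
    print("untrusted dir:", refused)
    print("trusted dir:  ", allowed)
```

The point of the ordering is that find_project_configs only ever runs on the refusal path for logging; nothing from the untrusted directory is executed until the user has accepted it. An alternative with the same effect is to run the probe from a neutral working directory that the user, not the cloned project, controls.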


Remediation

Install the update from the vendor's website.