SB2026043045 - UNIX symbolic link following in Claude Code

Description

This security bulletin contains information about 1 security vulnerability.

1) UNIX symbolic link following (CVE-ID: CVE-2026-39861)

The vulnerability allows a remote attacker to write arbitrary files outside the workspace.

The vulnerability exists due to symlink following in the sandbox file write handling when writing to a path within an attacker-created symlink. A remote attacker can create a symlink pointing outside the workspace and cause Claude Code to write through it to write arbitrary files outside the workspace.

Reliable exploitation requires the ability to add untrusted content into a Claude Code context window to trigger sandboxed code execution via prompt injection.

Remediation

Install update from vendor's website.

References

• https://github.com/anthropics/claude-code/security/advisories/GHSA-vp62-r36r-9xqp
• https://github.com/advisories/GHSA-vp62-r36r-9xqp