OS Command Injection in Claude Code - CVE-2026-25722


Published: April 30, 2026


Vulnerability identifier: #VU128512
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2026-25722
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Claude Code
Software vendor:
Anthropic

Description

The vulnerability allows a remote attacker to create or modify files in protected directories without user confirmation.

The vulnerability exists due to improper input validation in directory change handling and write operations when processing untrusted content in a Claude Code context window. A remote attacker can use the cd command to navigate into sensitive directories such as .claude and perform write operations to create or modify files in protected directories without user confirmation.

Reliable exploitation requires the ability to add untrusted content into a Claude Code context window.
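The defect the description points to is a path check that evaluates a write target without accounting for a preceding directory change, so a relative write issued after a cd into a protected directory is not recognised as protected. As an added illustration, not Claude Code's own code, the guard below tracks the effective working directory across cd, canonicalises every write target against the workspace root, and returns "confirm" whenever the target lands inside a protected directory or outside the workspace. The workspace path, the protected-directory list and the `WriteGuard` / `resolve_target` names are assumptions made for this example.

```python
import os

# Directory names treated as protected (constructed list; the advisory names .claude).
PROTECTED_DIRS = (".claude",)


def resolve_target(cwd, path):
    """Resolve `path` the way a shell would: relative to `cwd`, with '..' and
    symlinks collapsed, so the check sees the real destination."""
    joined = path if os.path.isabs(path) else os.path.join(cwd, path)
    return os.path.realpath(joined)


def is_protected(workspace_root, target):
    """True when `target` lies inside a protected directory under the workspace,
    or escapes the workspace entirely (treated as protected as well)."""
    root = os.path.realpath(workspace_root)
    rel = os.path.relpath(target, root)
    if rel == ".." or rel.startswith(".." + os.sep):
        return True
    return any(part in PROTECTED_DIRS for part in rel.split(os.sep))


class WriteGuard:
    """Tracks the effective working directory so that `cd .claude` followed by a
    relative write is judged on the final destination, not the literal argument."""

    def __init__(self, workspace_root):
        self.root = os.path.realpath(workspace_root)
        self.cwd = self.root

    def cd(self, path):
        # Directory changes are recorded but never block on their own; the
        # decision is deferred to the write that follows.
        self.cwd = resolve_target(self.cwd, path)

    def check_write(self, path):
        """Return "allow" for writes inside ordinary workspace paths and
        "confirm" for writes that must be shown to the user first."""
        target = resolve_target(self.cwd, path)
        return "confirm" if is_protected(self.root, target) else "allow"


def demo(workspace_root="/tmp/example-workspace"):
    """Walk through the sequence the advisory describes (assumed workspace path)."""
    guard = WriteGuard(workspace_root)
    results = {}
    results["plain write"] = guard.check_write("src/main.py")
    results["direct protected write"] = guard.check_write(".claude/settings.json")
    guard.cd(".claude")                       # navigate into the sensitive directory
    results["relative write after cd"] = guard.check_write("settings.json")
    guard.cd("../src")                        # move back out to an ordinary directory
    results["dot-dot into protected"] = guard.check_write("../.claude/hooks.json")
    results["escape workspace"] = guard.check_write("../../etc/hosts")
    return results


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:28s} -> {verdict}")
```

The key design choice is that cd itself is never the decision point: the guard only records where the shell now is, and every write is canonicalised from that position before the protected-directory test runs, which is what makes the relative-write-after-cd sequence indistinguishable from a direct write to the same path.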


Remediation

Install the security update from the vendor's website.

External links