OS Command Injection in Claude Code - CVE-2025-55284

Published: April 30, 2026


Vulnerability identifier: #VU128529
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-55284
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Anthropic
Affected software:
Claude Code

Detailed vulnerability description

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to improper neutralization of special elements used in an OS command (CWE-78) in the safe command allowlist and confirmation prompt handling when processing untrusted content in a Claude Code context window. A remote attacker can add untrusted content to the context window to disclose sensitive information.

Exploitation can bypass confirmation prompts to read a file and send its contents over the network without user confirmation.
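To illustrate the weakness class the advisory names (an allowlist that gates a confirmation prompt but does not neutralize shell special elements), here is an added example that is not Claude Code's own code: a naive first-word allowlist check beside a hardened check that tokenizes with shell rules and refuses any control operator, redirection or command substitution. The allowlist contents, function names and sample commands are constructed for the illustration.

```python
import shlex

# Constructed allowlist of command names for the example (not the real one).
SAFE_COMMANDS = {"ls", "cat", "grep", "git", "echo"}

# Characters that shlex splits into operator tokens when punctuation_chars=True.
OPERATOR_CHARS = set("();<>|&")

# Substrings shlex does not treat as operators but which start a new command.
SUBSTITUTION_MARKERS = ("$(", "`", "\n")


def naive_is_safe(cmd: str) -> bool:
    """Weak check: trusts only the first word, so anything chained after an
    operator is never looked at. This is the pattern CWE-78 warns about."""
    first = cmd.strip().split(" ", 1)[0]
    return first in SAFE_COMMANDS


def hardened_is_safe(cmd: str) -> bool:
    """Stricter check: reject substitution markers outright, tokenize with
    shell rules, reject every operator token, and require the executable
    (first token) to be on the allowlist. Anything it cannot parse is unsafe."""
    if any(marker in cmd for marker in SUBSTITUTION_MARKERS):
        return False
    try:
        lexer = shlex.shlex(cmd, posix=True, punctuation_chars=True)
        tokens = list(lexer)
    except ValueError:  # e.g. unbalanced quotes
        return False
    if not tokens:
        return False
    # A token made only of operator characters (";", "&&", "|", ">&", ...)
    # means a second command or a redirection follows; refuse it.
    if any(set(tok) <= OPERATOR_CHARS for tok in tokens):
        return False
    return tokens[0] in SAFE_COMMANDS


def needs_confirmation(cmd: str) -> bool:
    """Policy hook: only commands that pass the hardened check skip the prompt."""
    return not hardened_is_safe(cmd)
```

The test below contrasts the two checks on a chained command: the naive check sees only `ls` and would let the prompt be skipped, while the hardened check flags it.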


How to mitigate CVE-2025-55284

Install the security update from the vendor's website.

Sources