OS Command Injection in Claude Code - CVE-2025-55284


Published: April 30, 2026


Vulnerability identifier: #VU128529
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-55284
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Claude Code
Software vendor: Anthropic

Description

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to improper neutralization of special elements used in an OS command (CWE-78) in the safe-command allowlist and confirmation-prompt handling when Claude Code processes untrusted content in its context window. A remote attacker who can place untrusted content in the context window can use it to disclose sensitive information.

Successful exploitation bypasses the confirmation prompts: a file can be read and its contents sent over the network without the user confirming the commands.


Remediation

Install the security update from the vendor's website.

External links