Path traversal in Claude Code - CVE-2026-55607
Published: June 30, 2026
Claude Code
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary code outside of the sandbox.
The vulnerability exists due to path traversal in git worktree handling when processing a malicious repository during worktree operations. A remote user can supply a crafted repository with symlink manipulation and prompt injection content to overwrite files in the user's home directory and execute arbitrary code outside of the sandbox.
Reliable exploitation requires the user to clone a malicious repository and run Claude Code against it.
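A defensive pre-flight check for the condition described above, added here as an example (it is not from the advisory or the vendor, and it is not the fix): before running a tool against a freshly cloned repository, list every symlink whose resolved target lies outside the clone. The function names and the constructed sample tree are assumptions for illustration, and the check is a general one that is not claimed to cover the exact worktree vector.

```python
import os
import tempfile
from pathlib import Path

def find_escaping_symlinks(repo_root):
    """Return sorted (link, resolved_target) pairs for symlinks leaving repo_root."""
    root = Path(repo_root).resolve()
    findings = []
    # followlinks=False: list symlinked directories but never descend through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            if not path.is_symlink():
                continue
            try:
                # Follows the whole chain; tolerates a dangling final target.
                target = path.resolve(strict=False)
            except (OSError, RuntimeError):
                # Symlink loop or unreadable component: report it for manual review.
                findings.append((str(path.relative_to(root)), "<unresolvable>"))
                continue
            if target != root and root not in target.parents:
                findings.append((str(path.relative_to(root)), str(target)))
    return sorted(findings)

def build_constructed_repo(base):
    """Create a constructed sample tree (not a real exploit repository)."""
    base = Path(base).resolve()
    repo, outside = base / "repo", base / "outside_home"
    (repo / "docs").mkdir(parents=True)
    outside.mkdir()
    (repo / "docs" / "readme.txt").write_text("hello\n")
    (outside / "target").write_text("user file\n")
    os.symlink("readme.txt", repo / "docs" / "ok")            # stays inside the clone
    os.symlink("../outside_home/target", repo / "settings")   # relative escape
    os.symlink(str(outside / "target"), repo / "chain_b")     # absolute escape
    os.symlink("chain_b", repo / "chain_a")                   # escapes via chain_b
    return repo

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for link, target in find_escaping_symlinks(build_constructed_repo(base)):
            print(f"ESCAPES REPO: {link} -> {target}")
```

An empty result only means no symlink in the working tree resolves outside the clone at scan time; it does not replace updating to a fixed release.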