Path traversal in Claude Code - CVE-2026-55607

 

Published: June 30, 2026


Vulnerability identifier: #VU135959
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-55607
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Anthropic
Affected software: Claude Code

Detailed vulnerability description

The vulnerability allows a remote user to execute arbitrary code outside of the sandbox.

The vulnerability exists due to path traversal in git worktree handling when processing a malicious repository during worktree operations. A remote user can supply a crafted repository with symlink manipulation and prompt injection content to overwrite files in the user's home directory and execute arbitrary code outside of the sandbox.

Reliable exploitation requires the user to clone a malicious repository and run Claude Code against it.


How to mitigate CVE-2026-55607

Install the security update from the vendor's website.
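
Because the description involves symlink manipulation in a cloned repository, a reviewer can list symlinks in a checkout that resolve outside its root before running tooling against it. The following is an added example, not vendor code and not a substitute for the update; the function names and the sample tree are constructed for illustration, and the check is a generic audit that assumes nothing about the exact vulnerable code path.

```python
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(repo_root):
    """Return sorted (link, resolved_target) pairs for symlinks that leave repo_root."""
    root = Path(repo_root).resolve()
    findings = []
    # followlinks=False: the audit itself never walks through a symlinked directory.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            entry = Path(dirpath) / name
            if not entry.is_symlink():
                continue
            try:
                # resolve() follows the whole chain (link -> link -> outside);
                # strict=False keeps dangling links, which a later write could create.
                target = entry.resolve(strict=False)
            except (OSError, RuntimeError):  # symlink loop: report rather than skip
                findings.append((str(entry.relative_to(root)), "<unresolvable>"))
                continue
            if target != root and root not in target.parents:
                findings.append((str(entry.relative_to(root)), str(target)))
    return sorted(findings)


def build_sample_repo(base):
    """Constructed sample tree: 'outside' stands in for a path beyond the checkout."""
    base = Path(base)
    (base / "outside").mkdir()
    (base / "outside" / "profile").write_text("constructed sample\n")
    repo = base / "repo"
    (repo / "docs").mkdir(parents=True)
    (repo / "README.md").write_text("sample\n")
    os.symlink("../README.md", repo / "docs" / "ok_link")      # stays inside
    os.symlink("../outside/profile", repo / "settings_link")   # leaves the root
    os.symlink("../outside", repo / "chain_b")                 # directory link out
    os.symlink("chain_b", repo / "chain_a")                    # escapes via chain_b
    return repo


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for link, target in find_escaping_symlinks(build_sample_repo(tmp)):
            print(f"ESCAPES ROOT: {link} -> {target}")
```

The walk includes the `.git` directory, so links placed in repository metadata are reported as well as links in the working tree.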
