CVE-2026-25722
EPSS 0.19%Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection
發布日:2026/2/6修改日:2026/2/6
描述
Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the `cd` command to navigate into sensitive directories like `.claude`, it was possible to bypass write protection and create or modify files without user confirmation. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically. Users performing manual updates are advised to update to the latest version. About Claude Code thanks hackerone.com/nil221 for reporting this issue!
受影響套件(1)
- npm/@anthropic-ai/claude-codefrom 0, < 2.0.57
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |