@anthropic-ai/claude-code
This hub aggregates every CVE we track for @anthropic-ai/claude-code, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
CRITICAL2HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
3
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting @anthropic-ai/claude-code.
- CVE-2025-55284Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code7.5
- CVE-2025-54794Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access9.1
- CVE-2025-54795Claude Code echo command allowed bypass of user approval prompt for command execution9.8
Product normalization is registry-driven with AI assist and human review. How it works