CVE-2026-35603Untrusted Search Path in Claude-code

CWE-426Untrusted Search Path3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.0%
top 98.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Anthropics Claude-codeAnthropic-ai Claude-code
Timeline
PublishedApr 17

Description

Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory was not pre-created or access-restricted, a low-privileged local user could create this directory and place a malicious configuratio

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5anthropics/claude-code< 2.1.75

🔴Vulnerability Details

2
GHSA
Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows2026-04-17
VulDB
Anthropic claude-code up to 2.1.74 on Windows Configuration managed-settings.json untrusted search path (GHSA-5cwg-9f6j-9jvx)2026-04-17