Anthropic-Ai Claude-Code vulnerabilities

23 known vulnerabilities affecting anthropic-ai/claude-code.

Total CVEs: 23
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 19, MEDIUM 2, LOW 2

Vulnerabilities

Page 2 of 2
CVE-2025-54795 | HIGH | affected versions ≥ 0, < 1.0.20 | published 2025-08-04
CVE-2025-54795 [HIGH] CWE-78: Claude Code echo command allowed bypass of user approval prompt for command execution. Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update recei
CVE-2025-54794 | HIGH | affected versions ≥ 0, < 0.2.111 | published 2025-08-04
CVE-2025-54794 [HIGH] CWE-22: Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access. Due to a path validation flaw using prefix matching instead of canonical path comparison, it was possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of (or ability to create) a directory with th
CVE-2025-52882 | HIGH | affected versions ≥ 0.2.116, < 1.0.24 | published 2025-06-23
CVE-2025-52882 [HIGH] CWE-1385: Claude Code Improper Authorization via websocket connections from arbitrary origins. Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, PyCharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions v