CNNVD-202601-3354 Information

CNNVD ID

CNNVD-202601-3354

Related CVE

CVE-2026-21852

• CNNVD Published: 2026-01-21

Description (Chinese)

Claude Code是Anthropic开源的一个代理编码工具。 Claude Code 2.0.65之前版本存在安全漏洞，该漏洞源于项目加载流程允许恶意存储库在用户确认信任前泄露数据，可能导致API密钥泄露。

Description (English)

Claude Code is a proxy coding tool for the Anthropic open source. The previous version of Claude Code 2.0.65 had a security loophole, which stemmed from the project loading process, which allowed the malicious repository to leak data before user confidence was confirmed and could lead to the release of the API key.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Anthropic

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-jh7p-qr78-84p7 https://access.redhat.com/security/cve/cve-2026-21852

Patch

https://github.com/anthropics/claude-code/releases