CNNVD-202602-245 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-245
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Claude Code是Anthropic开源的一个终端原生AI编程工具。 Claude Code 2.0.72之前版本存在代码注入漏洞,该漏洞源于命令解析错误,可能导致绕过确认提示并通过find命令执行不受信任的命令。
Description (English)
Claude Code is a terminal primary AI programming tool from Anthropic open source. Claude Code 2.0.72 had a code-injecting loophole, which stemmed from a command error, which could lead to the circumvention of confirmation tips and to the execution of untrustworthy orders through a wind order.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
Anthropic
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/anthropics/claude-code/security/advisories/GHSA-qgqw-h4xq-7w8w
Patch
https://github.com/anthropics/claude-code/releases
Share on: