CVE-2025-52882 Information

Description

Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks (e.g. Cursor Windsurf and VSCodium) and JetBrains IDEs (e.g. IntelliJ Pycharm and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks) exploitation would allow an attacker to read arbitrary files see the list of files open in the IDE get selection and diagnostics events from the IDE or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs an attacker could get selection events a list of open files and a list of syntax errors. Claude released a patch for this issue on June 13th 2025. Although Claude Code auto-updates when a user launch it and auto-updates the extensions users should take the following steps though the exact steps depend on one’s integrated development environment (IDE). For VSCode Cursor Windsurf VSCodium and other VSCode forks check the extension Claude Code for VSCode. Open the list of Extensions (View->Extensions) look for Claude Code for VSCode among installed extensions update or uninstall any version prior to 1.0.24 and restart the IDE. For JetBrains IDEs including IntelliJ PyCharm and Android Studio check the plugin Claude Code [Beta]. Open the Plugins list look for Claude Code [Beta] among installed extensions update or uninstall any version prior to 0.1.9 and restart the IDE.

Reference

https://github.com/anthropics/claude-code/security/advisories/GHSA-9f65-56v6-gxw7

Related CNNVD

CNNVD-202506-3121 (Published: 2025-06-24)