Security: anthropics/claude-code
Security
SECURITY.md
Thank you for helping us keep Claude Code secure!
The security of our systems and user data is Anthropic's top priority. We appreciate the work of security researchers acting in good faith in identifying and reporting potential vulnerabilities.
Our security program is managed on HackerOne and we ask that any validated vulnerability in this functionality be reported through their submission form.
Our Vulnerability Program Guidelines are defined on our HackerOne program page.
- Command Injection via Directory Change Bypasses Write Protection. GHSA-66q4-vfjg-2qhh, published Feb 6, 2026 by ddworken. Severity: High
- Command Injection via Piped sed Command Bypasses File Write Restrictions. GHSA-mhg7-666j-cqg4, published Feb 6, 2026 by ddworken. Severity: High
- Sandbox Escape via Persistent Configuration Injection in settings.json. GHSA-ff64-7w26-62rf, published Feb 6, 2026 by ddworken. Severity: High
- Permission Deny Bypass Through Symbolic Links. GHSA-4q92-rfm6-2cqx, published Feb 6, 2026 by ddworken. Severity: Low
- Command Injection in find Command Bypasses User Approval Prompt. GHSA-qgqw-h4xq-7w8w, published Feb 3, 2026 by ddworken. Severity: High
- Path Restriction Bypass via ZSH Clobber Allows Arbitrary File Writes. GHSA-q728-gf8j-w49r, published Feb 3, 2026 by ddworken. Severity: High
- Domain Validation Bypass Allows Automatic Requests to Attacker-Controlled Domains. GHSA-vhw5-3g5m-8ggf, published Feb 3, 2026 by ddworken. Severity: High
- Malicious repo configuration can trigger data leakage via environment configuration used before trust confirmation. GHSA-jh7p-qr78-84p7, published Jan 20, 2026 by ddworken. Severity: Moderate
- Command Validation Bypass Allows Arbitrary Code Execution. GHSA-xq4m-mc3c-vvg3, published Dec 3, 2025 by ddworken. Severity: High
- Command execution prior to Claude Code startup trust dialog. GHSA-5hhx-v7f6-x7gv, published Nov 19, 2025 by ddworken. Severity: High
Learn more about advisories related to anthropics/claude-code in the GitHub Advisory Database