Multiple Vulnerabilities Discovered in Anthropic Claude Code

Severity: High (Score: 70.5)

Sources: www.sentinelone.com

Summary

Two vulnerabilities have been identified in Anthropic Claude Code, affecting versions prior to 2.1.53 and 2.0.55. CVE-2026-33068 is a trust dialog bypass vulnerability that allows attackers to execute arbitrary code without user consent by manipulating the .claude/settings.json file in a malicious repository. This flaw requires the victim to clone and open the repository, leading to potential unauthorized tool execution. CVE-2026-25723 involves improper input validation that allows attackers to bypass file write restrictions, enabling writes to sensitive directories like .claude. Both vulnerabilities pose significant risks as they can lead to system compromise and unauthorized access. Anthropic has released patches for both vulnerabilities, addressing the security flaws. Users are advised to update to the latest versions to mitigate these risks. Key Points: • CVE-2026-33068 allows arbitrary code execution via a trust dialog bypass. • CVE-2026-25723 enables unauthorized file writes to sensitive directories. • Patches for both vulnerabilities have been released; users should update immediately.

Key Entities

• Zero-day Exploit (attack_type)
• CVE-2026-25723 (cve)
• CVE-2026-33068 (cve)
• CWE-20 - Improper Input Validation (cwe)
• T1059.004 - Unix Shell (mitre_attack)
• Claude Code (tool)