Multiple Vulnerabilities in Claude Code Expose Users to Security Risks

Multiple Vulnerabilities in Claude Code Expose Users to Security Risks

First seen 30 Apr 2026, 17:02 UTC www.sentinelone.comnvd.nist.gov 77% similarity 70.5

Article Content

Browse articles
ThreatCluster

Claude Code, an agentic coding tool by Anthropic, has been found to have multiple vulnerabilities affecting various versions. CVE-2026-33068 allows attackers to bypass the trust dialog, enabling arbitrary tool execution without user consent. CVE-2026-25723 permits file write restrictions to be bypassed through improper command validation, potentially leading to system compromise. CVE-2026-21852 enables data exfiltration of sensitive API keys before user trust is confirmed. CVE-2025-59536 allows code execution prior to user acceptance of the startup trust dialog. Users are advised to update to the latest versions to mitigate these risks. The vulnerabilities primarily affect users of Claude Code versions prior to the specified patches. The attack vectors involve network access and user interaction, highlighting the need for vigilance in repository management and command execution.

Key Points: • CVE-2026-33068 allows bypassing of trust dialogs in Claude Code. • CVE-2026-25723 enables unauthorized file writes to sensitive directories. • Users are urged to update to the latest versions to address these vulnerabilities.

ThreatCluster AI

Timeline

2025-10-03
CVE-2025-59536 published
2026-01-21
CVE-2026-21852 published
2026-02-06
CVE-2026-25723 published
2026-02-28
First public PoC for CVE-2026-21852
2026-03-10
First public PoC for CVE-2025-59536
2026-03-20
CVE-2026-33068 published

Community

Browse all →