anthropic

Top products

The 15 most recently published vulnerabilities affecting anthropic.

• CVE-2026-44470Claude Desktop: Local Privilege Escalation via Directory Junction in CoworkVMService7.8May 13, 2026
• CVE-2026-44467Claude Desktop: SSH Host Key Verification Bypass Allows Man-in-the-Middle Attack on Remote Sessions6.8May 13, 2026
• CVE-2026-40068Claude Code arbitrary code execution via git worktree commondir trust dialog bypass8.8May 5, 2026
• CVE-2026-41686Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool4.4May 4, 2026
• CVE-2026-39861Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace10.0Apr 21, 2026
• CVE-2026-35603Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows7.3Apr 17, 2026
• CVE-2026-34451Claude SDK for TypeScript: Memory Tool Path Validation Allows Sandbox Escape to Sibling Directories5.4Mar 31, 2026
• CVE-2026-34450Claude SDK for Python: Insecure Default File Permissions in Local Filesystem Memory Tool4.4Mar 31, 2026
• CVE-2026-34452Claude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape5.3Mar 31, 2026
• CVE-2026-22561Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The instal...7.8Mar 31, 2026
• CVE-2026-33068Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File8.8Mar 20, 2026
• CVE-2026-25725Claude Code Has Sandbox Escape via Persistent Configuration Injection in settings.json10.0Feb 6, 2026
• CVE-2026-25724Claude Code Has Permission Deny Bypass Through Symbolic Links7.5Feb 6, 2026
• CVE-2026-25723Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions6.5Feb 6, 2026
• CVE-2026-25722Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection9.1Feb 6, 2026