Known Vulnerabilities for Claude Code by Anthropic
Listed below are 6 of the newest known vulnerabilities associated with "Claude Code" by "Anthropic".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59726 json | Ruflo is an agent meta-harness for Claude Code and Codex. Prior to 3.16.3, ruflo's default docker-compose deployment exposed ... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-55607 json | Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktr... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-54555 json | rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did n... | Not Provided | 2026-06-23 | 2026-06-24 |
| CVE-2026-54316 json | Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a ... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-53121 json | In the Linux kernel, the following vulnerability has been resolved: amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-48124 json | Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-47092 json | Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers ... | Not Provided | 2026-05-18 | 2026-07-14 |
| CVE-2026-46406 json | Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcod... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-46294 json | In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asle... | Not Provided | 2026-06-08 | 2026-06-14 |
| CVE-2026-45136 json | claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (i... | Not Provided | 2026-05-27 | 2026-06-02 |