Claude Code is still vulnerable to an attack Anthropic has already fixed
Summary
Researchers have identified a vulnerability in Claude Code where presenting the system with over 50 subcommands bypasses security analysis for subsequent commands. Although Anthropic has a fix in place, it is not enabled in public builds, leaving users potentially unaware of the risk.
IFF Assessment
The vulnerability allows for bypass of security checks, making it easier for attackers to execute malicious commands.
Severity
This score reflects a High impact due to potential credential exfiltration and software supply chain compromise, with a likely Network attack vector and moderate exploitability, as it requires user interaction and specific command structuring.
Defender Context
This incident highlights the ongoing risks associated with AI code generation tools and the importance of enabling all security features, even those that might impact performance. Defenders should be vigilant about unusual command sequences or unexpected prompts when using or interacting with AI-assisted coding platforms.