{
"version": "1.0.1",
"updated_at": "2026-01-27T01:23:49Z",
"entries": [
{
"id": "CVE-2025-66032",
"title": "Claude Code: read-only validation bypass via shell command parsing errors leads to arbitrary code execution",
"description": "Claude Code is an agentic coding tool. Prior to 1.0.93, due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 1.0.93.",
"severity": "critical",
"affected_products": [
{
"vendor": "anthropic",
"product": "claude_code",
"version_affected": "< 1.0.93",
"version_fixed": "1.0.93"
}
],
"cwe_ids": [
"CWE-77"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-66032",
"https://github.com/anthropics/claude-code/security/advisories/GHSA-xq4m-mc3c-vvg3"
],
"published_at": "2025-12-03T19:15:57.527",
"cvss_score": 9.8
},
{
"id": "CVE-2025-64755",
"title": "Claude Code: read-only validation bypass via sed command parsing allows arbitrary file writes on the host",
"description": "Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.",
"severity": "critical",
"affected_products": [
{
"vendor": "anthropic",
"product": "claude_code",
"version_affected": "< 2.0.31",
"version_fixed": "2.0.31"
}
],
"cwe_ids": [
"CWE-78"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-64755",
"https://github.com/anthropics/claude-code/security/advisories/GHSA-7mv8-j34q-vp7q"
],
"published_at": "2025-11-21T02:15:43.917",
"cvss_score": 9.8
},
{
"id": "CVE-2025-64660",
"title": "Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network",
"description": "Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network.",
"severity": "high",
"affected_products": [
{
"vendor": "microsoft",
"product": "visual_studio_code",
"version_affected": "< 1.106.2",
"version_fixed": "1.106.2"
}
],
"cwe_ids": [
"CWE-284"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-64660",
"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64660"
],
"published_at": "2025-11-20T23:15:56.943",
"cvss_score": 8.0
},
{
"id": "CVE-2025-65099",
"title": "Claude Code: code execution via Yarn plugins before the startup trust dialog is accepted",
"description": "Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn plugins before the user accepted the startup trust dialog. Exploiting this would have required a user to start Claude Code in an untrusted directory and to be using Yarn 3.0 or above. This issue has been patched in version 1.0.39.",
"severity": "critical",
"affected_products": [
{
"vendor": "anthropic",
"product": "claude_code",
"version_affected": "< 1.0.39",
"version_fixed": "1.0.39"
}
],
"cwe_ids": [
"CWE-94"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-65099",
"https://github.com/anthropics/claude-code/security/advisories/GHSA-5hhx-v7f6-x7gv"
],
"published_at": "2025-11-19T18:15:51.837",
"cvss_score": 9.8
},
{
"id": "CVE-2025-62453",
"title": "Improper validation of generative AI output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally",
"description": "Improper validation of generative AI output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.",
"severity": "medium",
"affected_products": [
{
"vendor": "microsoft",
"product": "visual_studio_code",
"version_affected": "< 1.105.0",
"version_fixed": "1.105.0"
}
],
"cwe_ids": [
"CWE-693"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-62453",
"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62453"
],
"published_at": "2025-11-11T18:15:50.423",
"cvss_score": 5.0
},
{
"id": "CVE-2025-54135",
"title": "Cursor CurXecute Remote Code Execution",
"description": "A vulnerability in Cursor IDE allows remote code execution through specially crafted project files. Attackers can execute arbitrary code when a victim opens a malicious project.",
"severity": "high",
"cvss_score": 8.8,
"affected_products": [
{
"vendor": "cursor",
"product": "cursor",
"version_affected": "< 0.45.0",
"version_fixed": "0.45.0"
}
],
"cwe_ids": [
"CWE-94",
"CWE-78"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-54135"
],
"published_at": "2025-01-20T00:00:00Z"
},
{
"id": "CVE-2025-54136",
"title": "Cursor MCPoison MCP Server Hijacking",
"description": "MCPoison vulnerability in Cursor IDE allows attackers to hijack MCP server connections through environment variable manipulation, potentially leading to data exfiltration or malicious code execution.",
"severity": "high",
"cvss_score": 8.5,
"affected_products": [
{
"vendor": "cursor",
"product": "cursor",
"version_affected": "< 0.45.0",
"version_fixed": "0.45.0"
}
],
"cwe_ids": [
"CWE-426",
"CWE-200"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-54136"
],
"published_at": "2025-01-20T00:00:00Z"
},
{
"id": "CVE-2025-6514",
"title": "mcp-remote Remote Code Execution",
"description": "A critical vulnerability in the mcp-remote package allows remote code execution through malicious MCP server responses. Attackers can execute arbitrary code on the client machine.",
"severity": "critical",
"cvss_score": 9.6,
"affected_products": [
{
"vendor": "modelcontextprotocol",
"product": "mcp-remote",
"version_affected": "< 0.3.0",
"version_fixed": "0.3.0"
}
],
"cwe_ids": [
"CWE-94",
"CWE-502"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-6514"
],
"published_at": "2025-01-18T00:00:00Z"
},
{
"id": "CVE-2025-52882",
"title": "Claude Code VSCode WebSocket Authentication Bypass",
"description": "A vulnerability in Claude Code VSCode extension allows remote attackers to bypass WebSocket authentication, potentially leading to unauthorized code execution within the extension context.",
"severity": "critical",
"cvss_score": 9.8,
"affected_products": [
{
"vendor": "anthropic",
"product": "claude-code-vscode",
"version_affected": "< 1.5.0",
"version_fixed": "1.5.0"
}
],
"cwe_ids": [
"CWE-287",
"CWE-306"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-52882"
],
"published_at": "2025-01-15T00:00:00Z"
},
{
"id": "CVE-2025-53110",
"title": "MCP Directory Traversal",
"description": "A directory traversal vulnerability in MCP file operations allows attackers to read or write files outside the intended directory scope.",
"severity": "high",
"cvss_score": 7.3,
"affected_products": [
{
"vendor": "modelcontextprotocol",
"product": "mcp",
"version_affected": "< 1.0.0",
"version_fixed": "1.0.0"
}
],
"cwe_ids": [
"CWE-22",
"CWE-73"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-53110"
],
"published_at": "2025-01-12T00:00:00Z"
},
{
"id": "CVE-2025-53109",
"title": "MCP Symbolic Link Bypass",
"description": "A vulnerability in MCP's file access controls allows attackers to bypass path restrictions using symbolic links, potentially accessing sensitive files outside the allowed scope.",
"severity": "high",
"cvss_score": 8.4,
"affected_products": [
{
"vendor": "modelcontextprotocol",
"product": "mcp",
"version_affected": "< 1.0.0",
"version_fixed": "1.0.0"
}
],
"cwe_ids": [
"CWE-59",
"CWE-61"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-53109"
],
"published_at": "2025-01-12T00:00:00Z"
},
{
"id": "CVE-2025-49596",
"title": "MCP Inspector CSRF to RCE",
"description": "MCP Inspector is vulnerable to Cross-Site Request Forgery (CSRF) attacks that can lead to Remote Code Execution (RCE). An attacker can craft a malicious web page that, when visited by a user with MCP Inspector running, can execute arbitrary commands.",
"severity": "critical",
"cvss_score": 9.4,
"affected_products": [
{
"vendor": "modelcontextprotocol",
"product": "mcp-inspector",
"version_affected": "< 0.5.0",
"version_fixed": "0.5.0"
}
],
"cwe_ids": [
"CWE-352",
"CWE-94"
],
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2025-49596"
],
"published_at": "2025-01-10T00:00:00Z"
}
]
}