AI Threat Alert
Claude Code Vulnerabilities
npm AI ToolsAnthropic Claude Code CLI — agentic coding tool
8
Total CVEs
0
Critical
npm
Ecosystem
May 19, 2026
Last CVE
36%
Patch Rate
0d
Avg Time to Patch
126,055 stars
20,688 forks
10,899 issues
Last push May 23, 2026
View on GitHub
Known Vulnerabilities (8 total, page 1 of 1)
Severity CVE ID Summary CVSS Published
UNKNOWN CVE-2026-2611 MLflow: cross-origin bypass enables RCE via AI agent -- May 19, 2026 HIGH CVE-2026-45136 claude-code-cache-fix: hook path injection → RCE -- May 13, 2026 HIGH CVE-2026-44246 nnU-Net: prompt injection hijacks CI/CD triage agent 7.2 May 12, 2026 HIGH CVE-2026-40068 Claude Code: git worktree trust bypass executes hooks -- Apr 24, 2026 HIGH CVE-2026-39861 Claude Code: sandbox escape via symlink allows arbitrary write -- Apr 21, 2026 MEDIUM CVE-2026-35603 Claude Code: config hijack via unprotected ProgramData dir -- Apr 17, 2026 MEDIUM CVE-2026-39398 openclaw-claude-bridge: sandbox bypass exposes CLI tools -- Apr 8, 2026 HIGH CVE-2026-35020 Claude Code CLI: OS command injection via TERMINAL env 8.4 Apr 6, 2026 Monitor Claude Code in your stack
Get instant alerts when new vulnerabilities affect Claude Code. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring