CVE-2025-58764
Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution
In short
Claude Code versions before 1.0.105 had a flaw that allowed attackers to bypass the safety confirmation prompt and execute commands without user approval. This is dangerous because malicious code could run secretly on your system.
Technical detail
A command parsing error in Claude Code (CWE-94: Code Injection) allowed attackers to craft specially formatted input that bypassed the confirmation prompt mechanism, enabling execution of arbitrary commands. Exploitation requires injecting untrusted content into the Claude Code context; the vulnerability affects versions prior to 1.0.105.
Summary generated and translated by AI from the official description.
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to version 1.0.105 or the latest version.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
anthropics · claude-codeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →