Product

Claude HUD (<= 0.0.12)

1 brief RSS

Claude HUD Command Injection Vulnerability via COMSPEC Manipulation (CVE-2026-47092)

Claude HUD through version 0.0.12 is vulnerable to command injection (CVE-2026-47092) allowing a local attacker to execute arbitrary commands on a Windows system by manipulating the COMSPEC environment variable; this vulnerability has been patched in commit 234d9aa.

Claude HUD command-injection vulnerability windows

2r 1t 1c 2d ago