Tag
critical
advisory
Anthropic Claude Code CLI/SDK OS Command Injection Vulnerability
2 rules 2 TTPs 1 CVECVE-2026-35022 describes an OS command injection vulnerability in the Anthropic Claude Code CLI and Claude Agent SDK that allows attackers with control over authentication settings to execute arbitrary commands, potentially leading to credential theft and environment variable exfiltration.
command-injection
cve-2026-35022
anthropic
claude
2r
2t
1c
high
advisory
Anthropic Claude Code CLI/Agent SDK OS Command Injection Vulnerability (CVE-2026-35021)
2 rules 1 TTP 1 CVEThe Anthropic Claude Code CLI and Claude Agent SDK are vulnerable to OS command injection via crafted file paths, allowing arbitrary command execution.
cve-2026-35021
command-injection
anthropic
2r
1t
1c