Tag
high
advisory
Claude Code Trust Dialog Bypass via Git Worktree Spoofing
2 rules 1 TTPA vulnerability in Claude Code allowed for trust dialog bypass via git worktree spoofing, potentially leading to arbitrary code execution by crafting a malicious repository with a `commondir` file pointing to a previously trusted path, bypassing the trust dialog, and executing malicious hooks defined in `.claude/settings.json`.
Claude Code
git
code-execution
trust-bypass
2r
1t
high
advisory
Mise Trust Bypass Vulnerability via Malicious .mise.toml
2 rules 2 TTPsA vulnerability in mise allows an attacker who can place a malicious .mise.toml file in a repository to bypass trust checks and execute arbitrary code via `[env] _.source` due to improper loading of trust settings.
mise
trust-bypass
code-execution
vulnerability
2r
2t