{"data":{"id":"2798e862-68be-4860-a41b-7eb43e237693","title":"CVE-2026-35021: Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invoca","summary":"Anthropic's Claude Code CLI and Claude Agent SDK have a vulnerability where attackers can execute arbitrary commands (run any code they want) by inserting shell metacharacters (special characters like $() that tell the system to run commands) into file paths. Even though the code tries to protect these paths by wrapping them in double quotes, double quotes do not disable command substitution, so the POSIX shell (the command-line interface on Unix/Linux systems) still evaluates the injected expressions, and the injected commands run with the same permissions as the user running the CLI.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-35021","publishedAt":"2026-04-06T20:16:25.067Z","cveId":"CVE-2026-35021","cweIds":["CWE-78"],"cvssScore":"7.8","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude Code CLI","Claude Agent SDK"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"local","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-06T20:16:25.067Z","capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}