{"data":{"id":"aa69125a-4823-4356-895b-71b99787e614","title":"GHSA-4vp2-6q8c-pvq2: @anthropic-ai/claude-code has an Insecure Temporary File in /copy Command that Enables Response Disclosure and Symlink-Based File Write","summary":"Claude Code's `/copy` command had a serious security flaw: it saved responses to a fixed, predictable file location (`/tmp/claude/response.md`) that any local user on the system could read, potentially exposing secrets or credentials contained in a response. An attacker could also create a symlink (a filesystem link pointing to another file) at that location so that the command followed it and overwrote a file of the attacker's choosing that the user running `/copy` was able to write. Exploiting this vulnerability required the attacker and a privileged user to be on the same computer.","solution":"Users on standard Claude Code auto-update have already received this fix. Users performing manual updates are advised to update to the latest version (2.1.128 or later contains the fix).","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-4vp2-6q8c-pvq2","publishedAt":"2026-06-25T16:53:00.000Z","cveId":"CVE-2026-46406","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":["@anthropic-ai/claude-code@>= 2.1.59, < 2.1.128 (fixed: 2.1.128)"],"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude Code"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-25T16:53:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"plugin","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}