{"data":{"id":"cb4424df-1812-4aaa-83a6-ad4bd5b91707","title":"CVE-2025-57755: claude-code-router is a powerful tool to route Claude Code requests to different models and customize any request. Due t","summary":"claude-code-router is a tool that directs Claude Code requests to different AI models. The software has a security flaw in its CORS (Cross-Origin Resource Sharing, which controls what websites can access a service) configuration that could allow attackers to steal user API keys (credentials that grant access to services) and sensitive data from untrusted websites.","solution":"The issue has been patched in v1.0.34.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-57755","publishedAt":"2025-08-21T17:15:31.610Z","cveId":"CVE-2025-57755","cweIds":["CWE-200","CWE-942"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","claude-code-router"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00067,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-116"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}