AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-47091: Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to r

lowvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseMay 18, 2026CVE-2026-47091

Summary

Claude HUD versions up to 0.0.12 contain a path traversal vulnerability (a flaw where attackers can access files outside intended directories by manipulating file paths) that lets attackers read any file the program can access by sending a malicious transcript_path value. Additionally, the vulnerability creates a cache file with weak permissions that records which files were accessed, leaving evidence even after the program stops running.

Solution / Mitigation

The vulnerability was patched in commit 234d9aa. Users should update to a version containing this commit or later.

Vulnerability Details

CVSS Score

3.3(low)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

local

Attack Complexity

low

Privileges Required

low

User Interaction

none

Disclosure Date

May 18, 2026

Classification

Attack Type

Other

Attack SophisticationTrivial

Impact (CIA+S)

confidentiality

AI Component TargetedAPI

Taxonomy References

CWE (Weakness Type)

CWE-22

CAPEC (Attack Pattern)

CAPEC-126

Affected Vendors

Anthropic

Related Issues

info

Secure AI agent access patterns to AWS resources using Model Context Protocol

Same vendorAWS Security Blog

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-47091

First tracked: May 18, 2026 at 08:12 PM

Classified by LLM (prompt v3) · confidence: 85%