AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-66479: Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrar

lowvulnerability

security

Source: NVD/CVE DatabaseDecember 4, 2025CVE-2025-66479

Summary

Anthropic Sandbox Runtime is a tool that restricts what processes can access on a computer's filesystem (file storage) and network without needing containers (isolated computing environments). Before version 0.0.16, a bug prevented the network sandbox from working correctly when no allowed domains were specified, which could let code inside the sandbox make network requests it shouldn't be able to make.

Solution / Mitigation

A patch was released in v0.0.16 that fixes this issue.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack Type

DoS

Attack SophisticationModerate

Impact (CIA+S)

availability

AI Component TargetedInference

Taxonomy References

CWE (Weakness Type)

CWE-693

Affected Vendors

Anthropic

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

medium

CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

First tracked: February 15, 2026 at 08:50 PM

Classified by LLM (prompt v3) · confidence: 85%