AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-47090: Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd

mediumvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseMay 18, 2026CVE-2026-47090

Summary

Claude HUD version 0.0.12 and earlier has a vulnerability where it creates terminal hyperlinks (clickable links in terminal windows) using user-controlled data without properly cleaning it first, allowing attackers to inject malicious terminal codes (ANSI codes, which control formatting and behavior in terminals) that could change text colors, fake command prompts, steal clipboard data, or redirect users to attacker-controlled websites.

Solution / Mitigation

Patched in commit 234d9aa.

Vulnerability Details

CVSS Score

4.6(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

local

Attack Complexity

low

Privileges Required

low

User Interaction

required

Disclosure Date

May 18, 2026

Classification

Attack Type

Other

Attack SophisticationModerate

Impact (CIA+S)

integrityconfidentiality

Taxonomy References

CWE (Weakness Type)

CWE-150

Affected Vendors

Anthropic

Related Issues

info

Secure AI agent access patterns to AWS resources using Model Context Protocol

Same vendorAWS Security Blog

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-47090

First tracked: May 18, 2026 at 08:12 PM

Classified by LLM (prompt v3) · confidence: 85%