CVE-2025-54794: Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead o
Summary
Claude Code, an agentic coding tool (software that can write and modify code automatically), has a path validation flaw in versions before 0.2.111 that allows attackers to bypass directory restrictions and access files outside the intended working directory. The flaw is that the tool checks whether a path string starts with the working directory's path (prefix matching) instead of comparing full, normalized file paths, so a sibling directory whose name begins with the same characters is treated as being inside the working directory. Exploitation requires the attacker to create a directory with the same prefix name and to inject untrusted content into the tool's context.
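The Python below is an added illustration of the class of bug the advisory describes, not code from Claude Code or from this advisory; it contrasts a string-prefix check with a component-wise one on constructed directory names under an assumed working directory.

```python
import os

# Constructed sample: the directory the tool is meant to stay inside.
WORKDIR = "/home/user/project"


def _resolve(path: str, root: str) -> str:
    """Normalize a user-supplied path relative to root (an absolute input wins).
    os.path.abspath collapses '..' segments; a real deployment should also
    apply os.path.realpath so symlinks are resolved before the check."""
    return os.path.abspath(os.path.join(root, path))


def is_allowed_prefix(path: str, root: str = WORKDIR) -> bool:
    """Flawed check of the kind the advisory describes: plain string prefix.
    '/home/user/project-evil/x' starts with '/home/user/project', so a
    sibling directory that shares the name prefix passes."""
    return _resolve(path, root).startswith(root)


def is_allowed_path(path: str, root: str = WORKDIR) -> bool:
    """Hardened check: compare path components, not characters.
    os.path.commonpath splits on separators, so 'project-evil' is a
    different component from 'project' and is rejected."""
    root_abs = os.path.abspath(root)
    target = _resolve(path, root_abs)
    try:
        return os.path.commonpath([root_abs, target]) == root_abs
    except ValueError:  # e.g. paths on different drives on Windows
        return False


if __name__ == "__main__":
    for p in ["src/main.py", "../project-evil/secret", "/home/user/project-evil/x"]:
        print(f"{p!r}: prefix={is_allowed_prefix(p)} components={is_allowed_path(p)}")
```

The same component-wise comparison is what the fixed version needs to enforce; the prefix variant is kept only to show which inputs it wrongly accepts.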
Solution / Mitigation
Update Claude Code to version 0.2.111 or later, as this version contains the fix for the path validation flaw.
Vulnerability Details
Severity score: 9.1 (critical)
EPSS: 0.0%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-54794
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%