CVE-2026-40068 | Anthropic claude-code up to 2.1.83 claude/settings.json command injection (GHSA-q5hj-mxqh-vv77 / EUVD-2026-27502)

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability, which was classified as critical, was found in Anthropic claude-code up to 2.1.83. The impacted element is an unknown function of the file claude/settings.json. Executing a manipulation can lead to command injection.

This vulnerability appears as CVE-2026-40068. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.

CVE-2026-40068 | Anthropic claude-code up to 2.1.83 claude/settings.json command injection (GHSA-q5hj-mxqh-vv77 / EUVD-2026-27502)

Post correlati

CVE-2024-23368 | Qualcomm Snapdragon up to QCN50 SMEM Partition buffer overflow

CVE-2024-0011 | Palo Alto PAN-OS/Prisma Access/Cloud NGFW cross site scripting

CVE-2025-10103 | code-projects Online Event Judging System 1.0 /home.php main_event sql injection

CVE-2024-0179 | AMD Ryzen Embedded 8000 AmdCpmDisplayFeatureSMM input validation