CVE-2026-35020 | Anthropic Claude Code/Claude Agent SDK for Python Environment Variable TERMINAL os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability has been found in Anthropic Claude Code and Claude Agent SDK for Python and classified as critical. The impacted element is an unknown function of the component Environment Variable Handler. Performing a manipulation of the argument TERMINAL results in os command injection.

This vulnerability is cataloged as CVE-2026-35020. The attack must be initiated from a local position. There is no exploit available.

CVE-2026-35020 | Anthropic Claude Code/Claude Agent SDK for Python Environment Variable TERMINAL os command injection

Post correlati

CVE-2025-55944 | Slink 1.4.9 SVG File Upload cross site scripting

CVE-2023-43994 | makotoya mini-app on Line 13.6.1 Channel Access Token information disclosure

CVE-2023-35123 | Intel OpenBMC prior egs-1.14-0/bhs-0.27 uncaught exception in servlet (intel-sa-01078)

CVE-2024-48291 | dingfanzu CMS 1.0 doAdminAction.php?act=editAdmin&id=17 cross-site request forgery