CVE-2026-25724

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-25724

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25724.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-25724

Aliases

GHSA-4q92-rfm6-2cqx

Published

2026-02-06T17:53:16.004Z

Modified

2026-02-12T08:49:11.574517Z

Severity

2.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

Claude Code Has Permission Deny Bypass Through Symbolic Links

Details

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file (such as /etc/passwd) and Claude Code had access to a symbolic link pointing to that file, it was possible for Claude Code to read the restricted file through the symlink without triggering deny rule enforcement. This issue has been patched in version 2.1.7.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-285",
        "CWE-61"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25724.json"
}

References

Affected packages

Git / github.com/anthropics/claude-code

Affected ranges

Type: GIT
Repo: https://github.com/anthropics/claude-code
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6a2936ab79c01e4f078105584f8cae521e7851dc

Affected versions

v2.*

v2.0.73

v2.0.74

v2.0.76

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25724.json"