CVE-2026-40068

Source
https://cve.org/CVERecord?id=CVE-2026-40068
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40068.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-40068
Aliases
Downstream
Published
2026-05-05T20:52:26.089Z
Modified
2026-07-15T01:48:58.016505164Z
Severity
  • 7.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Claude Code arbitrary code execution via git worktree commondir trust dialog bypass
Details

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Code to bypass its trust confirmation dialog and immediately execute hooks defined in .claude/settings.json. Exploitation requires the victim to clone the malicious repository and run Claude Code within it, and the attacker must know or guess a path the victim had already trusted. This issue has been fixed in version 2.1.84.

Database specific
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40068.json",
    "cwe_ids": [
        "CWE-20",
        "CWE-77"
    ]
}
References

Affected packages

Git / github.com/anthropics/claude-code

Affected ranges

Type
GIT
Repo
https://github.com/anthropics/claude-code
Events
Database specific
{
    "cpe": "cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*",
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "extracted_events": [
        {
            "introduced": "2.1.63"
        },
        {
            "fixed": "2.1.84"
        }
    ]
}

Affected versions

v2.*
v2.1.63
v2.1.66
v2.1.68
v2.1.69
v2.1.70
v2.1.71
v2.1.72
v2.1.73
v2.1.74
v2.1.75
v2.1.76
v2.1.77
v2.1.78
v2.1.79
v2.1.80
v2.1.81
v2.1.83

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40068.json"