1. Home
  2. CVE Database
  3. CVE-2026-25722
CRITICAL · 9.1

CVE-2026-25722

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd comm...

Vulnerability Description

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protection and create or modify files without user confirmation. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. This issue has been patched in version 2.0.57.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
AnthropicClaude Code< 2.0.57

Related Weaknesses (CWE)

CWE-20CWE-78

References

FAQ

What is CVE-2026-25722?

CVE-2026-25722 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd comm...

How severe is CVE-2026-25722?

CVE-2026-25722 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2026-25722?

Check the references section above for vendor advisories and patch information. Affected products include: Anthropic Claude Code.