CVE-2025-59829

MEDIUM

Claude Code <1.0.120 - Privilege Escalation

Title source: llm

Description

Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.120.

References (1)

[Vendor Advisory] https://github.com/anthropics/claude-code/security/advisories/GHSA-66m2-gx93-v996

Scores

CVSS v3 6.5

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-61

Status published

Products (2)

anthropic/claude_code < 1.0.120

anthropic-ai/claude-code 0 - 1.0.120npm

Published Oct 03, 2025

Tracked Since Feb 18, 2026