CVE-2025-66032
CRITICALClaude Code < 1.0.93 - Remote Code Execution via Shell Command Parsing Bypass
Title source: llmDescription
Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 1.0.93.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/anthropics/claude-code/security/advisories/GHSA-xq4m-mc3c-vvg3
Scores
CVSS v3
9.8
EPSS
0.0063
EPSS Percentile
45.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-77
Status
published
Products (2)
anthropic/claude_code
< 1.0.93
anthropic-ai/claude-code
0 - 1.0.93npm
Published
Dec 03, 2025
Tracked Since
Feb 18, 2026