CVE-2026-25723
MEDIUMClaude Code < 2.0.55 - Authenticated Arbitrary File Write via Piped Sed Command Bypass
Title source: llmDescription
Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this required the ability to execute commands through Claude Code with the "accept edits" feature enabled. This issue has been patched in version 2.0.55.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/anthropics/claude-code/security/advisories/GHSA-mhg7-666j-cqg4
Scores
CVSS v3
6.5
EPSS
0.0026
EPSS Percentile
17.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-20
CWE-78
Status
published
Products (2)
anthropic/claude_code
< 2.0.55
anthropic-ai/claude-code
0 - 2.0.55npm
Published
Feb 06, 2026
Tracked Since
Feb 18, 2026