CVE-2026-25724
BaseFortify
Publication date: 2026-02-06
Last updated on: 2026-03-27
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anthropic | claude_code | to 2.1.7 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-61 | The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. |
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-25724 is a low-severity vulnerability in the Claude Code tool prior to version 2.1.7. The issue occurs because Claude Code does not properly enforce deny rules configured in settings.json when accessing files through symbolic links.
Specifically, if a user denies Claude Code access to a file (for example, /etc/passwd), but Claude Code has access to a symbolic link pointing to that file, it can bypass the deny rule and read the restricted file via the symlink.
This vulnerability relates to improper handling of symbolic links (CWE-61) and improper authorization (CWE-285), meaning the software fails to correctly check permissions when following symlinks.
How can this vulnerability impact me? :
This vulnerability can allow unauthorized reading of files that a user has explicitly denied Claude Code access to, by exploiting symbolic links.
The impact is considered low severity with limited confidentiality, integrity, and availability loss. No privileges or user interaction are required to exploit it, and it can be triggered remotely over the network.
There is no indication of further system compromise or significant damage beyond unauthorized file reading.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves Claude Code versions prior to 2.1.7 improperly enforcing deny rules on files accessed via symbolic links. Detection involves identifying if your system is running a vulnerable version of Claude Code and checking for unauthorized access attempts through symbolic links.
- Check the installed version of Claude Code to verify if it is older than 2.1.7.
- Use commands to find symbolic links pointing to sensitive files, for example: `find / -type l -ls | grep passwd` to locate symlinks to /etc/passwd.
- Monitor logs or audit file accesses to sensitive files via symlinks, if logging is enabled.
- Check for unusual read operations on restricted files through symlinks by Claude Code processes.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade Claude Code to version 2.1.7 or later, where this vulnerability has been patched.
If automatic updates are not enabled, manually update the package to ensure deny rules are properly enforced.
As a temporary measure, restrict or monitor access to symbolic links pointing to sensitive files to prevent unauthorized reads.