CVE-2026-47091
Path Traversal in Claude HUD via Unvalidated Transcript Path
Publication date: 2026-05-18
Last updated on: 2026-05-18
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| claude_hud | claude_hud | 0.0.12 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Claude HUD versions up to 0.0.12 and is fixed in a later commit. It is a path traversal vulnerability that allows attackers to read arbitrary files on the system by providing an unvalidated transcript_path value through stdin JSON input.
Because the transcript_path is not properly validated, attackers can specify paths to files that the process has permission to read, thereby accessing sensitive information.
Additionally, the metadata of accessed files is written to a persistent cache file with insufficient permissions, which creates a forensic record of accessed paths that remains even after the process exits.
How can this vulnerability impact me?
This vulnerability can impact you by allowing an attacker with limited privileges to read arbitrary files that the application process can access.
This could lead to unauthorized disclosure of sensitive information stored in those files.
Furthermore, the creation of a persistent cache file containing metadata of accessed files with insufficient permissions could expose a forensic record of file access, potentially leaking information about what files were accessed.
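The two weaknesses described in the answers above (an attacker-controlled `transcript_path` taken from stdin JSON and consumed without confinement, and a metadata cache written with loose permissions) can both be closed in the same input-handling step. The following is an added example written for this record, not code from Claude HUD or from the advisory; the project's own language and file layout are not given on this page, so the example is written in Python and the allowed-root directory, the hook payload shape, the cache file name and the `.jsonl` sample transcript are all constructed assumptions. It resolves the supplied path (collapsing `..` and following symlinks) and rejects anything that lands outside the allowed roots, then writes the cache entry with owner-only permissions regardless of the process umask.

```python
import json
import os
import stat
import tempfile
from pathlib import Path


def resolve_transcript_path(raw: str, allowed_roots: list[str]) -> Path:
    """Resolve an untrusted transcript_path and require it to sit under an allowed root.

    Path.resolve() collapses '..' segments and follows symlinks, so the
    containment check is made on the real target, not on the spelling of the input.
    """
    if not raw or "\x00" in raw:
        raise ValueError("transcript_path missing or contains NUL")
    candidate = Path(raw).expanduser().resolve(strict=False)
    for root in allowed_roots:
        root_resolved = Path(root).resolve(strict=False)
        try:
            candidate.relative_to(root_resolved)  # raises ValueError when not contained
        except ValueError:
            continue
        if not candidate.is_file():
            raise ValueError(f"transcript_path is not a regular file: {candidate}")
        return candidate
    raise ValueError(f"transcript_path escapes allowed roots: {candidate}")


def write_cache_entry(cache_path: Path, entry: dict) -> int:
    """Write the cache as owner-only (0600) and return the resulting mode bits.

    os.open with an explicit mode creates the file restricted from the start;
    the chmod afterwards tightens a pre-existing file created with a looser mode.
    """
    fd = os.open(cache_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(entry, fh)
    os.chmod(cache_path, 0o600)
    return stat.S_IMODE(os.stat(cache_path).st_mode)


def handle_hook_input(raw_json: str, allowed_roots: list[str], cache_path: Path) -> dict:
    """Process one stdin JSON payload (assumed shape: {"transcript_path": "..."})."""
    payload = json.loads(raw_json)
    transcript = resolve_transcript_path(payload.get("transcript_path", ""), allowed_roots)
    size = transcript.stat().st_size
    mode = write_cache_entry(cache_path, {"transcript": str(transcript), "size": size})
    return {"transcript": str(transcript), "size": size, "cache_mode": mode}


def demo() -> dict:
    """Constructed scenario: one legitimate transcript, several traversal attempts."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "transcripts"          # assumed allowed root
        root.mkdir()
        inside = root / "session.jsonl"           # constructed sample transcript
        inside.write_text('{"type":"user"}\n')
        outside = Path(tmp) / "secret.txt"        # constructed file outside the root
        outside.write_text("top secret")
        cache = Path(tmp) / "hud-cache.json"      # assumed cache file name

        ok = handle_hook_input(json.dumps({"transcript_path": str(inside)}), [str(root)], cache)

        attempts = [str(outside), str(root / ".." / "secret.txt"), "../secret.txt"]
        link = root / "link.jsonl"
        try:
            os.symlink(outside, link)             # symlink inside root pointing outside
            attempts.append(str(link))
        except OSError:
            pass                                  # platform without symlink support
        rejected = []
        for attempt in attempts:
            try:
                handle_hook_input(json.dumps({"transcript_path": attempt}), [str(root)], cache)
                rejected.append(False)
            except ValueError:
                rejected.append(True)
        return {"ok": ok, "rejected": rejected}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Containment is checked with `relative_to` on the resolved path rather than with a string prefix comparison, so a sibling directory whose name merely begins with the root name (for example `transcripts-old` next to `transcripts`) is not accepted, and a symlink placed inside the root is judged by where it points.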