Anthropic · Claude SDK for Python · CVE-2026-34450
Name of the Vulnerable Software and Affected Versions
Claude SDK for Python versions 0.86.0 through 0.86.9
Description
The Claude SDK for Python, used to access the Claude API, had an issue in the local filesystem memory tool in versions from 0.86.0 up to, but not including, 0.87.0. Memory files were created with permissions that allowed world-read access on systems with a standard umask, and world-write access in environments with a permissive umask, such as many Docker base images. A local attacker on a shared host could potentially read persisted agent state. In containerized deployments, an attacker could modify memory files, potentially influencing subsequent model behavior. Both synchronous and asynchronous memory tool implementations were affected.
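The umask effect described above, as an added example (not code from the SDK or from Anthropic): it writes one file with a plain `open()` and one with an explicit `0o600` creation mode under a standard and a permissive umask, then audits the directory for files accessible to other users. The file names and the temporary directory are constructed stand-ins for a memory directory, and a POSIX system is assumed.

```python
import os
import stat
import tempfile

def create_default(path, data):
    """Plain open(): the file mode is 0o666 with the process umask bits removed."""
    with open(path, "w") as f:
        f.write(data)

def create_private(path, data):
    """Owner-only file: 0o600 is requested at creation, so no umask can add group/other bits."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)

def audit(root):
    """Return {relative_path: mode} for regular files readable or writable by 'other'."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # ignore symlinks, sockets and other non-regular entries
            mode = stat.S_IMODE(st.st_mode)
            if mode & (stat.S_IROTH | stat.S_IWOTH):
                findings[os.path.relpath(full, root)] = mode
    return findings

def demo(umask):
    """Create both kinds of file under the given umask and audit the result."""
    old = os.umask(umask)
    try:
        # Constructed stand-in for a directory of persisted agent memory files.
        with tempfile.TemporaryDirectory() as root:
            create_default(os.path.join(root, "default.md"), "constructed state\n")
            create_private(os.path.join(root, "private.md"), "constructed state\n")
            return audit(root)
    finally:
        os.umask(old)  # restore the caller's umask

if __name__ == "__main__":
    for label, umask in (("standard 0o022", 0o022), ("permissive 0o000", 0o000)):
        for path, mode in demo(umask).items():
            print(f"umask {label}: {path} is {oct(mode)}")
```

The `audit` function can also be pointed at an existing directory to find files left world-accessible by an earlier run; tightening them with `os.chmod(path, 0o600)` is a separate step not shown here.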
Recommendations
Update to version 0.87.0 or later.