CVE-2025-54794

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 0.2.111

Description Claude Code is an agentic coding tool affected by a path validation issue. This flaw uses prefix matching instead of canonical path comparison, allowing bypass of directory restrictions and access to files outside the current working directory (CWD). Successful exploitation requires the presence of, or the ability to create, a directory with the same prefix as the CWD and the ability to add untrusted content into a Claude Code context window. Reports indicate this issue was exploited as a prompt injection flaw.

Recommendations Update Claude Code to version 0.2.111 or later.