PT-2025-48978 · Anthropic · Claude-Code

Published: 2025-12-03 · Updated: 2026-01-15 · CVE-2025-66032

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Claude Code versions prior to 1.0.93

Description

Claude Code is an agentic coding tool. Prior to version 1.0.93, errors in parsing shell commands related to $IFS and short CLI flags allowed bypassing the read-only validation, potentially leading to arbitrary code execution. Successful exploitation requires the ability to inject untrusted content into a Claude Code context window.

Recommendations

Update to version 1.0.93 or later.

Exploit · Fix · RCE · Command Injection

Related Identifiers

CVE-2025-66032
GHSA-XQ4M-MC3C-VVG3

Affected Products

Claude-Code