PT-2026-30707 · Anthropic · Claude Agent Sdk+1

Francesco Cipollone · Published 2026-04-06 · Updated 2026-04-06 · CVE-2026-35021

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Anthropic Claude Code CLI and Claude Agent SDK (affected versions not specified)
Description: The Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection flaw in the utility that launches the user's editor on a prompt file. The file path to open is interpolated into a command string that is then executed with execSync, which hands the string to /bin/sh for parsing. An attacker who can influence that path (the CVSS vector records local access with user interaction required) can embed a command substitution such as $(...) or a backtick expression in it. Wrapping the path in double quotes does not prevent this: under POSIX shell semantics, command substitution and parameter expansion still take place inside double quotes; only single quotes suppress them, and a path containing a single quote would break out of those. The substituted command therefore runs with the privileges of the user running the CLI.
Recommendations: At the time of writing, there is no information about a newer version that contains a fix for this vulnerability. Until one is available, avoid invoking the prompt editor on file paths that originate from untrusted sources. The general remedy for this class of bug is to never place a path inside a shell command string: pass it as a discrete argument to execFileSync or spawnSync without a shell, or, if the configured editor must be run through a shell, hand the path in as a positional parameter rather than interpolating it.

Exploit

Weakness Enumeration

OS Command Injection (CWE-78)

Related Identifiers

CVE-2026-35021

Affected Products

Claude Agent Sdk
Claude Code Cli