CVE-2026-35603

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.1.75

Description On Windows, the software loads the system-wide default configuration from the endpoint 'C:ProgramDataClaudeCodemanaged-settings.json' without validating directory ownership or access permissions. Since the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory was not pre-created or access-restricted, a low-privileged local user could create this directory and place a malicious configuration file. This file would then be automatically loaded for any user launching the tool on the same shared multi-user system.

Recommendations Update to version 2.1.75 or later.