CVE-2025-58764 HIGH

CVE-2025-58764: Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution

Vendor Anthropics
Product claude-code
Weakness CWE-94 · Code injection
Published September 10, 2025
Last update September 11, 2025

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to version 1.0.105 or the latest version.

Key dates

02Disclosure timeline

September 10, 2025 CVE published
September 11, 2025 Record updated