High severityNVD Advisory· Published Sep 10, 2025· Updated Sep 11, 2025
Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution
CVE-2025-58764
Description
Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to version 1.0.105 or the latest version.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@anthropic-ai/claude-codenpm | < 1.0.105 | 1.0.105 |
Affected products
1- Range: < 1.0.105
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/advisories/GHSA-qxfv-fcpc-w36xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-58764ghsaADVISORY
- github.com/anthropics/claude-code/security/advisories/GHSA-qxfv-fcpc-w36xghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.