High severity · NVD Advisory · Published Oct 3, 2025 · Updated Oct 3, 2025

Claude Code's startup trust dialog could lead to Command Execution attack

CVE-2025-59536

Description

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked into executing code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.111.


Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
|---|---|---|
| @anthropic-ai/claude-code (npm) | < 1.0.111 | 1.0.111 |
