PyPI package
anthropic
pkg:pypi/anthropic
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34452 | Med | 5.3 | >= 0.86.0, < 0.87.0 | 0.87.0 | Mar 31, 2026 | The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory director | |
| CVE-2026-34450 | Med | 4.4 | >= 0.86.0, < 0.87.0 | 0.87.0 | Mar 31, 2026 | The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a sta |
- affected >= 0.86.0, < 0.87.0fixed 0.87.0
The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory director
- affected >= 0.86.0, < 0.87.0fixed 0.87.0
The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a sta