VYPR

Openclaude

by Gitlawb

Source repositories

CVEs (2)

  • CVE-2026-42074CriJun 2, 2026
    risk 0.57cvss 9.8epss 0.01

    OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM (an untrusted principal per the project's own…

  • CVE-2026-35570HigApr 21, 2026
    risk 0.48cvss 8.4epss 0.00

    OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in `bashToolHasPermission()` inside `src/tools/BashTool/bashPermissions.ts`. When the sandbox auto-allow feature is active and no…