๐Ÿ” CVE Alert

CVE-2026-25724

UNKNOWN 0.0

Claude Code Has Permission Deny Bypass Through Symbolic Links

CVSS Score: 0.0
EPSS Score: 0.1%
EPSS Percentile: 20th

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file (such as /etc/passwd) and Claude Code had access to a symbolic link pointing to that file, it was possible for Claude Code to read the restricted file through the symlink without triggering deny rule enforcement. This issue has been patched in version 2.1.7.
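
The failure mode described above, as an added example (not Claude Code's code and not the vendor's fix): a deny rule compared against the path as written misses a symlink, while resolving the path, or checking the identity of the file actually opened, catches it. The function names, the deny list of absolute file paths, and the temporary sandbox files are assumptions made for illustration.

```python
import os
import tempfile

def is_denied_lexical(path, deny_paths):
    """Weak check: compares the path as written, never following symlinks."""
    return os.path.abspath(path) in {os.path.abspath(d) for d in deny_paths}

def is_denied_resolved(path, deny_paths):
    """Hardened check: resolve symlinks on both sides before comparing."""
    real = os.path.realpath(path)
    for d in deny_paths:
        denied = os.path.realpath(d)
        # Deny an exact match, or anything beneath a denied directory.
        if real == denied or real.startswith(denied + os.sep):
            return True
    return False

def open_if_allowed(path, deny_paths):
    """Open first, then compare the opened file's (device, inode) identity
    with each denied file, so a link swapped after a path check cannot win.
    Covers denied files (including hard links), not denied directories."""
    fd = os.open(path, os.O_RDONLY)
    st = os.fstat(fd)
    for d in deny_paths:
        if os.path.exists(d) and os.path.samestat(st, os.stat(d)):
            os.close(fd)
            raise PermissionError(f"{path} resolves to denied file {d}")
    return fd

def demo():
    """Constructed sandbox: one denied file and a symlink pointing at it."""
    with tempfile.TemporaryDirectory() as root:
        secret = os.path.join(root, "secret.txt")
        with open(secret, "w") as fh:
            fh.write("constructed sample data\n")
        link = os.path.join(root, "notes.txt")
        os.symlink(secret, link)
        deny = [secret]
        try:
            os.close(open_if_allowed(link, deny))
            blocked = False
        except PermissionError:
            blocked = True
        return {"direct_lexical": is_denied_lexical(secret, deny),
                "link_lexical": is_denied_lexical(link, deny),
                "link_resolved": is_denied_resolved(link, deny),
                "open_blocked": blocked}

if __name__ == "__main__":
    for check, denied in demo().items():
        print(f"{check}: {'denied' if denied else 'allowed'}")
```

Only `link_lexical` comes back as allowed: the lexical comparison sees `notes.txt`, not the denied file it points to.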

CWE: CWE-61, CWE-285
Vendor: anthropics
Product: claude-code
Published: Feb 6, 2026
Last Updated: Mar 27, 2026

Affected Versions

anthropics / claude-code
< 2.1.7

References

github.com: https://github.com/anthropics/claude-code/security/advisories/GHSA-4q92-rfm6-2cqx
terra.security: https://www.terra.security/blog/when-ai-becomes-the-attack-surface-lessons-from-discovering-cve-2026-25724