CVE-2026-35022

Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the -p flag behavior is documented in Anthropic's claude -h output with an explicit warning that non-interactive mode should only be used in trusted directories, making this intended and described behavior rather than a vulnerability.

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

29 May 2026, 18:16

Type: References
Values Removed:
  • {'url': 'https://phoenix.security/critical-ci-cd-nightmare-3-command-injection-flaws-in-claude-code-cli-allow-credential-exfiltration/', 'tags': ['Exploit', 'Third Party Advisory'], 'source': 'disclosure@vulncheck.com'}
  • {'url': 'https://www.vulncheck.com/advisories/anthropic-claude-code-agent-sdk-os-command-injection-via-authentication-helper', 'tags': ['Third Party Advisory'], 'source': 'disclosure@vulncheck.com'}
Values Added: (none)

Type: CWE
Values Removed: CWE-78
Values Added: (none)

Type: CPE
Values Removed:
  cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*
  cpe:2.3:a:anthropic:claude_agent_sdk:*:*:*:*:*:python:*:*
Values Added: (none)

Type: CVSS
Values Removed: v2 : unknown, v3 : 9.8
Values Added: v2 : unknown, v3 : unknown

Type: Summary
Values Removed: (en) Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in authentication helper execution where helper configuration values are executed using shell=true without input validation. Attackers who can influence authentication settings can inject shell metacharacters through parameters like apiKeyHelper, awsAuthRefresh, awsCredentialExport, and gcpAuthRefresh to execute arbitrary commands with the privileges of the user or automation environment, enabling credential theft and environment variable exfiltration.
Values Added: (en) Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the -p flag behavior is documented in Anthropic's claude -h output with an explicit warning that non-interactive mode should only be used in trusted directories, making this intended and described behavior rather than a vulnerability.

29 Apr 2026, 19:00

Type: References
Values Removed: () https://phoenix.security/critical-ci-cd-nightmare-3-command-injection-flaws-in-claude-code-cli-allow-credential-exfiltration/ -
Values Added: () https://phoenix.security/critical-ci-cd-nightmare-3-command-injection-flaws-in-claude-code-cli-allow-credential-exfiltration/ - Exploit, Third Party Advisory

Type: References
Values Removed: () https://www.vulncheck.com/advisories/anthropic-claude-code-agent-sdk-os-command-injection-via-authentication-helper -
Values Added: () https://www.vulncheck.com/advisories/anthropic-claude-code-agent-sdk-os-command-injection-via-authentication-helper - Third Party Advisory

Type: First Time
Values Removed: (none)
Values Added:
  Anthropic
  Anthropic claude Agent Sdk
  Anthropic claude Code

Type: CPE
Values Removed: (none)
Values Added:
  cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*
  cpe:2.3:a:anthropic:claude_agent_sdk:*:*:*:*:*:python:*:*

06 Apr 2026, 20:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-04-06 20:16

Updated : 2026-05-29 18:16


NVD link : CVE-2026-35022

Mitre link : CVE-2026-35022

CVE.ORG link : CVE-2026-35022


Products Affected

No product.

CWE

No CWE.