Claude Code Vulnerability Exposed for One Year Allows Silent Command Execution
2026-07-18 10:12

Woofun AI reports that Cos, founder of SlowMist, disclosed a high-severity security vulnerability in Claude Code involving potential poisoning attacks. The analysis highlights inconsistent security mechanisms in Grok Build CLI and Claude Code CLI, where divergent trust assumptions create exploitable gaps. Attackers can leverage malicious project configuration files to execute arbitrary commands without user awareness. Testing on Mac systems demonstrated that specific commands could trigger local applications like the calculator, confirming execution risks. Successful exploitation may lead to the theft of API keys from services such as Claude and OpenAI, resulting in financial losses.

Additionally, attackers could obtain credentials for cloud providers including AWS, Alibaba Cloud, and Tencent Cloud to access servers and data. The vulnerability also enables code repository tampering for backdoor implantation and allows local devices to serve as entry points for internal enterprise network attacks. This security flaw has reportedly existed for one year.

Disclaimer: Views are the author's own and do not represent the platform. Do not reproduce without permission. Content is for reference only, not investment advice. Trade at your own risk.
Tags:
Cos
SlowMist
Claude Code
Grok Build CLI
Claude Code CLI
Claude
OpenAI
Share:
back