AI description
CVE-2025-64755 is a vulnerability in the Claude Code tool: a sed command validation bypass that could allow an attacker to write to arbitrary files on the host system. The flaw stems from an error in how the sed command is parsed. It affects versions of @anthropic-ai/claude-code prior to 2.0.31. Users with automatic updates enabled have already received the fix; those who update manually are advised to update to the latest version.
- Description
- Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- claude_code
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-78
- Hype score
- Not currently trending
AI tooling and MCP servers are entering enterprises fast, often faster than security teams can assess the risks. During a recent engagement, @_xpn_ found a new Claude Code vuln (CVE-2025-64755) while exploring MCP abuse paths. 👀 Read the details ↓ https://t.co/UzugTlkTBI
@SpecterOps
21 Nov 2025
4639 Impressions
12 Retweets
40 Likes
25 Bookmarks
0 Replies
0 Quotes
New blog post is up exploring a vuln I found in Claude Code (CVE-2025-64755) allowing arbitrary file write without a consent prompt. New tech is always fun to explore, hopefully this post gives you some hints as to future research :) https://t.co/UiXp9XN5NA
@_xpn_
21 Nov 2025
44192 Impressions
52 Retweets
238 Likes
109 Bookmarks
5 Replies
3 Quotes
Got a @_xpn_ discovery, nice work CVE-2025-64755 @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes https://t.co/PdAcgbnGr9
@N3mes1s
21 Nov 2025
22378 Impressions
7 Retweets
62 Likes
22 Bookmarks
3 Replies
3 Quotes
CVE-2025-64755 Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation… https://t.co/cOgx2mRyJN
@CVEnew
21 Nov 2025
232 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E0A418C-AA00-43D0-A71B-A858648E3B02",
            "versionEndExcluding": "2.0.31"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]