Synced 16 Jun 2026 15:24 UTC Account
← All products

CVE-2026-40068

HIGH severity · CVSS 8.8 · Improper input validation
8.8CVSS HIGH

Summary

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Code to bypass its trust confirmation dialog and immediately execute hooks defined in `.claude/settings.json`. Exploitation requires the victim to clone the malicious repository and run Claude Code within it, and the attacker must know or guess a path the victim had already trusted. This issue has been fixed in version 2.1.84.

Impact & exploitability

Attack vectorNetwork
Attack complexityLow
Privileges requiredNone
User interactionRequired
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)0%

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products we track (1)

Claude Code

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information