The leak of Claude Code’s supply is already having penalties for the device’s security. Researchers have noticed a vulnerability documented within the code.
The vulnerability, revealed by AI security firm Adversa, is that if Claude Code is introduced with a command composed of greater than 50 subcommands, then for subcommands after the fiftieth it would override compute-intensive security evaluation that may in any other case have blocked a few of them, and as a substitute merely ask the consumer whether or not they wish to go forward. The consumer, assuming that the block guidelines are nonetheless in impact, could unthinkingly authorize the motion.
Extremely, the vulnerability is documented within the code, and Anthropic has already developed a repair for it, the tree-sitter parser, which can also be within the code however not enabled in public builds that prospects use, stated Adversa.
