What is CVE-2025-59536?

CVE-2025-59536 is a vulnerability in Anthropics Claude-code, classified under Code Injection. Published 2025-10-03.

Is CVE-2025-59536 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Anthropics Claude-code

CVE-2025-59536

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user a…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.000 (12.1th percentile) — read the EPSS interpretation.

Affected products

Anthropics Claude-code — versions < 1.0.111

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

DBarr3/AETHER-PROTOCOL-P
tacdm/cve-2025-59536-poc
Razi-Interactive/claude-project-scanner
TreRB/ai-ide-config-guard
NetVanguard-cmd/CVE-2025-59536
Rohitberiwala/Claude-Code-MCP-Injection-PoC

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-4fgq-fpq9-mr3g (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2025-59536?: CVE-2025-59536 is a vulnerability in Anthropics Claude-code, classified under Code Injection. Published 2025-10-03.
Is CVE-2025-59536 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.