XSS in Anthropics Claude-code

CVE-2026-24053

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory wit…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (6.5th percentile)

Affected products

Weakness classification (CWE)

References