Vulnerability in Anthropics Anthropic-sdk-python

CVE-2026-34450

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving…

EPSS: 0.000 (1.0th percentile) — read the EPSS interpretation.

Affected products

Anthropics Anthropic-sdk-python — versions >= 0.86.0, < 0.87.0

Weakness classification (CWE)

References

https://github.com/anthropics/anthropic-sdk-python/security/advisories/GHSA-q5f5-3gjm-7mfm (x_refsource_CONFIRM)
https://github.com/anthropics/anthropic-sdk-python/commit/715030ceb4d6dd8d3546e999c680e29532bf1255 (x_refsource_MISC)
https://github.com/anthropics/anthropic-sdk-python/releases/tag/v0.87.0 (x_refsource_MISC)