Information disclosure in Anthropics Claude-code
CVE-2026-46406
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (/tmp/claude/response.md) without UID isolation, randomness, or symlink protection. The file…
Affected products
- Anthropics Claude-code — versions >= 2.1.59, < 2.1.128
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)