While working on superdesign project, I discovered a vulnerability (CVE-2025-66032) in the @anthropic-ai/claude-code package. The issue stems from improper parsing of shell commands, specifically around the Internal Field Separator (IFS) and short command-line flags.
CVE Link
CVE Report
While working on superdesign project, I discovered a vulnerability (CVE-2025-66032) in the @anthropic-ai/claude-code package. The issue stems from improper parsing of shell commands, specifically around the Internal Field Separator (IFS) and short command-line flags.
CVE Link
CVE Report