What is the CVSS score of EUVD-2025-201016?

EUVD-2025-201016 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Claude Code are affected by EUVD-2025-201016?

Claude Code versions prior to 1.0.93 contain a critical vulnerability (CVSS 9.8) that allows attackers to execute arbitrary code by injecting malicious content into the tool's context.. A patch is available.

Is there a public PoC exploit available for EUVD-2025-201016?

Yes, a public proof-of-concept exploit is available for EUVD-2025-201016. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2025-201016?

Within 24 hours: Inventory all Claude Code deployments and identify instances processing external or user-supplied content. Within 7 days: Immediately upgrade to Claude Code version 1.0.93 or later across all systems; if upgrading is not possible, disable Claude Code functionality pending patch availability. Within 30 days: Conduct a security audit of Claude Code usage patterns and implement input validation controls to prevent future similar vulnerabilities.

Claude Code EUVD-2025-201016

| CVE-2025-66032 CRITICAL

Command Injection (CWE-77)

2025-12-03 security-advisories@github.com

GHSA-xq4m-mc3c-vvg3

Command Injection RCE Claude Code

9.8

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

EUVD ID Assigned

Mar 15, 2026 - 16:14 euvd

EUVD-2025-201016

Analysis Generated

Mar 15, 2026 - 16:14 vuln.today

CVE Published

Dec 03, 2025 - 19:15 nvd

CRITICAL 9.8

DescriptionGitHub Advisory

Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 1.0.93.

Analysis

Technical ContextAI

Command injection allows an attacker to execute arbitrary OS commands on the host system through a vulnerable application that passes user input to system shells.

RemediationAI

Avoid passing user input to system commands. Use language-specific APIs instead of shell commands. If unavoidable, use strict input validation and escaping.

EUVD-2025-201016 vulnerability details – vuln.today

Back

Claude Code EUVD-2025-201016

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code