Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (VulnCheck) · only source for this CVE.
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version check, causing execFile() to execute the attacker-supplied executable with cmd.exe arguments, resulting in arbitrary code execution on Windows systems.
Articles & Coverage 1
AnalysisAI
Local privilege code execution in jarrodwatts/claude-hud through version 0.0.12 on Windows allows authenticated local users to run arbitrary executables by setting the COMSPEC environment variable before the tool's version check, where execFile() launches whatever binary COMSPEC points to with cmd.exe-style arguments. The flaw is tracked as CWE-427 (Uncontrolled Search Path Element) and was reported by VulnCheck; no public exploit identified at time of analysis, but the upstream commit 234d9aa makes the fix mechanics straightforward to reverse-engineer.
Technical ContextAI
claude-hud is a Node.js-based status/HUD utility (cpe:2.3:a:jarrodwatts:claude-hud) that shells out to cmd.exe on Windows to perform a version check. It uses Node's child_process.execFile() but resolves the interpreter via the COMSPEC environment variable rather than a hardened absolute path, which maps directly to CWE-427: the program trusts an externally controllable search/path element to locate a critical binary. Because execFile() does not invoke a shell, the issue is not classic shell metacharacter injection but rather a binary-substitution flaw - whatever path COMSPEC names is executed verbatim, with cmd.exe's argument list appended.
RemediationAI
Upgrade claude-hud to the release containing upstream fix commit 234d9aad919b51326a43bcf90b45ae35c23afc30 (merged via PR #487); the project notes versions after 0.0.12 are patched, and an exact released tag should be confirmed against the repository releases page before rollout. If immediate upgrade is not possible, compensating controls on Windows are to unset or hardcode COMSPEC to %SystemRoot%\System32\cmd.exe in any shell or service that launches claude-hud, restrict who can modify environment variables for that process (avoid running claude-hud from contexts where lower-privileged users can influence the environment block), and avoid invoking claude-hud from elevated or service accounts until patched - the trade-off is that altering COMSPEC globally can break legitimate scripts that expect a customized command processor.
More in Claude Hud
View allPath traversal in Claude HUD through version 0.0.12 permits local low-privileged attackers to read arbitrary files by su
Terminal injection in Claude HUD through version 0.0.12 allows an attacker who controls a Git branch name or working dir
Same weakness CWE-427 – Uncontrolled Search Path Element
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30802
GHSA-p5qq-v9mc-39ff