ZDI-26-124
CRITICAL 9.8
Published: Feb 25, 2026
claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability
claude-hovercraft
claude-hovercraft contains a critical remote code execution vulnerability (CVE-2025-15060, CVSS score 9.8): a command injection in executeClaudeCode that allows unauthenticated attackers to execute arbitrary code on affected systems. The flaw is severe because no credentials are needed to exploit it, so it is trivially accessible to any attacker with network access. Security teams should immediately prioritize patching all affected claude-hovercraft installations and isolate vulnerable systems until updates are available.