Security researchers have discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to bypass security restrictions and execute unauthorized commands, with the AI assistant itself helping to facilitate these attacks.
The vulnerabilities, designated CVE-2025-54794 and CVE-2025-54795, demonstrate how sophisticated AI tools designed to enhance developer productivity can become vectors for system compromise when security boundaries are improperly implemented.
https://gbhackers.com/claude-ai-flaws/