DOC27

How to Check If Your Claude Code Installation Is Affected by CVE-2026-39861 (CVSS 7.7)

DEV.to AI·May 8, 2026

CVE-2026-39861 is a critical sandbox escape vulnerability in Claude Code, allowing file writes outside the workspace directory. Users of Claude Code below version 2.1.64 must update immediately to patch this flaw, which exploits symbolic link following across two processes.

vulnerability Claude Code security CVE sandbox escape

Read original ↗