CYBERHAWK / CVE / CVE-2026-39861

CVE-2026-39861

Claude Code

CRITICAL CVSS 10.0 ai

The flaw

Symlink sandbox bypass allows writing outside workspace without user prompt

Update to version 2.1.64 or later

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-04-24 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits