Home > Vulnerability Database > CVE-2026-21852

Mend.io Vulnerability Database

CVE-2026-21852

Good to know:

Date: January 21, 2026

Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-controlled repository could include a settings file that sets ANTHROPIC_BASE_URL to an attacker-controlled endpoint and when the repository was opened, Claude Code would read the configuration and immediately issue API requests before showing the trust prompt, potentially leaking the user's API keys. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to version 2.0.65, which contains a patch, or to the latest version.

Severity Score

6.3

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-21852

Url: https://github.com/anthropics/claude-code/security/advisories/GHSA-jh7p-qr78-84p7

Url: https://github.com/anthropics/claude-code

Url: https://www.mend.io/vulnerability-database/CVE-2026-21852

Severity Score

6.3

Weakness Type (CWE)

Insufficiently Protected Credentials

CWE-522

Top Fix

Upgrade Version

Upgrade to version @anthropic-ai/claude-code - 2.0.65

Learn More

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2026-21852

Good to know:

Date: January 21, 2026

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?