CVE-2026-46406 | Anthropic claude-code up to 2.1.127 /tmp/claude/response.md link following (GHSA-4vp2-6q8c-pvq2)
A vulnerability, which was classified as critical, has been found in Anthropic claude-code up to 2.1.127. Affected by this vulnerability is an unknown functionality of the file /tmp/claude/response.md. The manipulation leads to link following.
This vulnerability is uniquely identified as CVE-2026-46406. Local access is required to approach this attack. No exploit exists.
It is advisable to upgrade the affected component.VulDB Recent EntriesRead More