theinfosecnews

CVE-2026-35022

Published April 7, 2026 · Updated April 7, 2026

CVSS 9.8 (Critical)

What This Means

CVE-2026-35022 is a critical OS command injection vulnerability in the Anthropic Claude Code CLI and Claude Agent SDK. It allows authenticated attackers who can manipulate authentication settings to inject arbitrary shell commands via parameters such as `apiKeyHelper` or `awsAuthRefresh`, which may lead to credential theft and unauthorized access to sensitive environment variables. To mitigate this risk, review and validate all inputs to these parameters, ensure proper configuration, and limit user permissions where possible.

Official Description

Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in authentication helper execution where helper configuration values are executed using `shell=true` without input validation. Attackers who can influence authentication settings can inject shell metacharacters through parameters like `apiKeyHelper`, `awsAuthRefresh`, `awsCredentialExport`, and `gcpAuthRefresh` to execute arbitrary commands with the privileges of the user or automation environment, enabling credential theft and environment variable exfiltration.
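The description above comes down to one pattern: a string read from a settings file is handed to a shell verbatim. The following added example (written for this page; it is not Anthropic's code and does not reproduce how Claude Code reads its settings) shows that pattern in a generic helper runner next to a hardened version, and adds a small audit that flags helper values containing shell syntax. The four key names are the ones the advisory lists; the sample settings JSON and the helper commands in it are constructed for the demonstration.

```python
import json
import os
import re
import shlex
import subprocess

# Settings keys the advisory names as feeding the authentication helper runner.
HELPER_KEYS = ("apiKeyHelper", "awsAuthRefresh", "awsCredentialExport", "gcpAuthRefresh")

# Characters that change meaning only when a string is handed to /bin/sh.
SHELL_META = re.compile(r"[;&|`$<>(){}\r\n]")

# Constructed sample settings document (not taken from any real installation).
# The second value carries a trailing command separated by ';', the kind of
# input the advisory says is reinterpreted when executed with shell=true.
SAMPLE_SETTINGS_JSON = """
{
  "apiKeyHelper": "/usr/local/bin/fetch-key --profile dev",
  "awsAuthRefresh": "/usr/local/bin/aws-refresh --profile build; echo INJECTED"
}
"""


def parse_settings(text: str) -> dict:
    """Parse a settings document; only a plain JSON object is accepted."""
    settings = json.loads(text)
    if not isinstance(settings, dict):
        raise ValueError("settings document must be a JSON object")
    return settings


def audit_settings(settings: dict) -> list:
    """Return the helper keys whose value contains shell metacharacters."""
    findings = []
    for key in HELPER_KEYS:
        value = settings.get(key)
        if isinstance(value, str) and SHELL_META.search(value):
            findings.append(key)
    return findings


def run_helper_unsafe(command: str) -> str:
    """Vulnerable form: the configured string is passed to a shell unchanged,
    so every metacharacter in it is honoured."""
    result = subprocess.run(command, shell=True, capture_output=True, text=True)
    return result.stdout


def run_helper_safe(command: str) -> str:
    """Hardened form: reject shell syntax, tokenize with shlex, require an
    absolute executable path, and run with shell=False so arguments are
    passed directly to the program rather than interpreted by /bin/sh."""
    if SHELL_META.search(command):
        raise ValueError("helper command contains shell metacharacters")
    argv = shlex.split(command)
    if not argv:
        raise ValueError("empty helper command")
    exe = argv[0]
    if not os.path.isabs(exe) or not os.access(exe, os.X_OK):
        raise ValueError(f"helper executable must be an absolute, executable path: {exe!r}")
    result = subprocess.run(argv, shell=False, capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    settings = parse_settings(SAMPLE_SETTINGS_JSON)
    print("flagged keys:", audit_settings(settings))
    # Side-by-side behaviour on a constructed value (uses /bin/true, /bin/echo).
    print("shell=True output:", repr(run_helper_unsafe("/bin/true; echo INJECTED")))
    try:
        run_helper_safe("/bin/true; echo INJECTED")
    except ValueError as err:
        print("hardened runner refused:", err)
    print("hardened runner on a clean value:", repr(run_helper_safe("/bin/echo sk-constructed")))
```

The audit is a quick way to check a settings file for values that only make sense if a shell interprets them; a legitimate helper is an executable plus arguments, so a `;`, `|`, `$(` or backtick in one of these keys is worth investigating. The hardened runner also pins the executable to an absolute path, which removes the PATH-lookup ambiguity that a command string run through a shell would otherwise inherit.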

Recommended Actions

  1. Check if your systems use any of the affected products listed above.
  2. Apply vendor patches immediately if available.
  3. Monitor vendor advisories for updates and additional mitigations.
  4. Review logs for indicators of compromise related to CVE-2026-35022.