CVE-2026-41686— Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-41686
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool
Source: NVD (National Vulnerability Database)
Vulnerability Description
Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in the Anthropic TypeScript SDK created memory files and directories using the Node.js default modes (0o666 for files, 0o777 for directories), leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask such as many Docker base images. A local attacker on a shared host could read persisted agent state, and in containerized deployments could modify memory files to influence subsequent model behavior. This issue has been patched in version 0.91.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键资源的不正确权限授予
Source: NVD (National Vulnerability Database)
Vulnerability Title
Claude SDK for TypeScript 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Claude SDK for TypeScript是Anthropic开源的一个用于调用Claude API的TypeScript软件开发工具包。 Claude SDK for TypeScript 0.79.0版本至0.91.1之前版本存在安全漏洞,该漏洞源于BetaLocalFilesystemMemoryTool使用Node.js默认模式创建内存文件和目录,可能导致本地攻击者读取持久化代理状态或修改内存文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| anthropics | anthropic-sdk-typescript | >= 0.79.0, < 0.91.1 | - |
II. Public POCs for CVE-2026-41686
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-41686
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: anthropics
- CVE-2026-40068
Claude Code arbitrary code execution via git worktree common - CVE-2026-39861
Claude Code: Sandbox Escape via Symlink Following Allows Arb - CVE-2026-35603
Claude Code: Insecure System-Wide Configuration Loading Enab - CVE-2026-34451
Claude SDK for TypeScript: Memory Tool Path Validation Allow - CVE-2026-34450
Claude SDK for Python: Insecure Default File Permissions in
Same weakness: CWE-732
- CVE-2026-41288
WatchGuard Agent on Windows Privilege Escalation Vulnerabili - CVE-2026-6499
ILM Informatique OpenConcerto 安全漏洞 - CVE-2026-41366
OpenClaw < 2026.3.31 - Arbitrary Host File Read via appendLo - CVE-2026-35367
uutils coreutils nohup Information Disclosure via Insecure D - CVE-2026-35341
uutils coreutils mkfifo Unauthorized Permission Change on Ex
V. Comments for CVE-2026-41686
No comments yet