Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by cnighswonger
CVE-2026-45136 (GCVE-0-2026-45136)
Vulnerability from nvd – Published: 2026-05-27 20:48 – Updated: 2026-06-02 16:07
VLAI
Title
claude-code-cache-fix: Local code execution via Python triple-quote injection in tools/quota-statusline.sh
Summary
claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user's Claude Code process. This vulnerability is fixed in 3.5.2.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_CONFIRM |
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_MISC |
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cnighswonger | claude-code-cache-fix |
Affected:
>= 3.5.0, < 3.5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45136",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T16:04:17.415452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T16:07:20.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "claude-code-cache-fix",
"vendor": "cnighswonger",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.5.0, \u003c 3.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code\u0027s hook stdin payload directly into a Python triple-quoted string literal. A \u0027\u0027\u0027 byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user\u0027s Claude Code process. This vulnerability is fixed in 3.5.2."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T20:48:22.312Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g"
},
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108"
},
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/pull/110",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/pull/110"
}
],
"source": {
"advisory": "GHSA-g3xq-3gmv-qq8g",
"discovery": "UNKNOWN"
},
"title": "claude-code-cache-fix: Local code execution via Python triple-quote injection in tools/quota-statusline.sh"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45136",
"datePublished": "2026-05-27T20:48:22.312Z",
"dateReserved": "2026-05-08T20:08:17.210Z",
"dateUpdated": "2026-06-02T16:07:20.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-45136 (GCVE-0-2026-45136)
Vulnerability from cvelistv5 – Published: 2026-05-27 20:48 – Updated: 2026-06-02 16:07
VLAI
Title
claude-code-cache-fix: Local code execution via Python triple-quote injection in tools/quota-statusline.sh
Summary
claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user's Claude Code process. This vulnerability is fixed in 3.5.2.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_CONFIRM |
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_MISC |
| https://github.com/cnighswonger/claude-code-cache… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cnighswonger | claude-code-cache-fix |
Affected:
>= 3.5.0, < 3.5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45136",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T16:04:17.415452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T16:07:20.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "claude-code-cache-fix",
"vendor": "cnighswonger",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.5.0, \u003c 3.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code\u0027s hook stdin payload directly into a Python triple-quoted string literal. A \u0027\u0027\u0027 byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user\u0027s Claude Code process. This vulnerability is fixed in 3.5.2."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T20:48:22.312Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g"
},
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108"
},
{
"name": "https://github.com/cnighswonger/claude-code-cache-fix/pull/110",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cnighswonger/claude-code-cache-fix/pull/110"
}
],
"source": {
"advisory": "GHSA-g3xq-3gmv-qq8g",
"discovery": "UNKNOWN"
},
"title": "claude-code-cache-fix: Local code execution via Python triple-quote injection in tools/quota-statusline.sh"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45136",
"datePublished": "2026-05-27T20:48:22.312Z",
"dateReserved": "2026-05-08T20:08:17.210Z",
"dateUpdated": "2026-06-02T16:07:20.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}