Claude Agent Sdk For Python CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-35022	1 Anthropic	2 Claude Agent Sdk For Python, Claude Code	2026-05-29	N/A
This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the -p flag behavior is documented in Anthropic's claude -h output with an explicit warning that non-interactive mode should only be used in trusted directories, making this intended and described behavior rather than a vulnerability.
CVE-2026-35021	1 Anthropic	2 Claude Agent Sdk For Python, Claude Code	2026-05-29	N/A
This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the affected code path cannot be triggered through normal usage of Claude Code.
CVE-2026-35020	1 Anthropic	2 Claude Agent Sdk For Python, Claude Code	2026-05-29	N/A
This CVE ID has been rejected by the its CVE Numbering Authority (CNA). It was determined that the attack requires an attacker to already control arbitrary environment variables, a level of access they consider functionally equivalent to code execution and outside the threat model of CLI tools.

Page 1 of 1.