Description
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcript_path value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a persistent cache file with insufficient permissions, creating a forensic record of accessed paths that survives process exit.
Published: 2026-05-18
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Claude HUD versions up to 0.0.12 contain a path traversal flaw. By supplying an unvalidated transcript_path value through stdin in a JSON payload, an attacker can read any file that the running process can access. The vulnerability also writes file metadata to a global cache file with insufficient permissions, leaving a forensic trail of accessed paths after the process terminates.

Affected Systems

The affected product is Claude HUD from jarrodwatts, specifically releases up to and including 0.0.12. The patch is applied in commit 234d9aa, so any version that has not incorporated this commit remains vulnerable.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate risk. No EPSS data is publicly available, and it is not listed in the CISA KEV catalog. The vulnerability can be exploited locally via the process’s stdin interface; if the application is exposed to network inputs, remote exploitation could be possible. Attackers with file read permissions on the system can harvest arbitrary files and leave a persistent record of the paths accessed.

Generated by OpenCVE AI on May 18, 2026 at 21:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official patch contained in commit 234d9aa or upgrade to a version newer than 0.0.12.
  • Restrict the application to accept stdin input only from trusted sources or users.
  • Secure the persistent cache file by applying proper file permissions so that only authorized personnel can view its contents.
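The two defects described above, an unvalidated transcript_path taken from stdin JSON and a cache file created with loose permissions, map to two small hardening steps. The following is an added example, not Claude HUD's code; the project's language, function names, allowed-directory layout and cache format are not stated on this page, so Python is used for illustration and every name below (resolve_transcript_path, write_cache_owner_only, handle_payload, the "transcripts" root) is an assumption. It canonicalises the supplied path with realpath, which collapses both ".." segments and symlinks, and only accepts it if it still lies under an allowed root; the cache is then created with an explicit 0o600 mode so its record of accessed paths is not world-readable.

```python
"""Hardened handling of a transcript_path read from stdin JSON.

Added example, not Claude HUD's source: names, the allowed-root scheme and
the cache layout are assumptions for illustration.
"""
import json
import os
import tempfile


class TranscriptPathError(ValueError):
    """Raised when transcript_path is missing, malformed or escapes the roots."""


def resolve_transcript_path(raw_path, allowed_roots):
    """Return the canonical path if it lies under one of allowed_roots.

    realpath is applied to BOTH the candidate and each root, so a '../'
    traversal and a symlink planted inside an allowed directory that points
    elsewhere are rejected the same way.
    """
    if not isinstance(raw_path, str) or not raw_path:
        raise TranscriptPathError("transcript_path must be a non-empty string")
    if "\x00" in raw_path:
        raise TranscriptPathError("transcript_path contains a NUL byte")
    candidate = os.path.realpath(raw_path)
    for root in allowed_roots:
        real_root = os.path.realpath(root)
        try:
            if os.path.commonpath([real_root, candidate]) == real_root:
                return candidate
        except ValueError:
            # Different drives on Windows: cannot be under this root.
            continue
    raise TranscriptPathError("transcript_path is outside the allowed directories")


def write_cache_owner_only(cache_path, entries):
    """Persist cache entries in a file only the owner can read or write.

    The 0o600 mode is passed to os.open so the permissions are set at
    creation time rather than after a window in which the file is readable;
    O_NOFOLLOW (where available) refuses to write through a symlinked cache
    path, and the final chmod tightens a pre-existing file.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(cache_path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(entries, fh)
    os.chmod(cache_path, 0o600)
    return os.stat(cache_path).st_mode & 0o777


def handle_payload(payload_json, allowed_roots, cache_path):
    """Parse a stdin-style JSON payload, validate the path, record metadata."""
    payload = json.loads(payload_json)
    path = resolve_transcript_path(payload.get("transcript_path"), allowed_roots)
    st = os.stat(path)
    write_cache_owner_only(cache_path, [{"path": path, "size": st.st_size}])
    return path


def demo():
    """Constructed scenario: one allowed root holding a real transcript, plus
    payloads that must be rejected. Returns the outcome of each case."""
    base = tempfile.mkdtemp(prefix="hud-demo-")
    root = os.path.join(base, "transcripts")
    os.makedirs(root)
    good = os.path.join(root, "session.jsonl")
    with open(good, "w") as fh:
        fh.write('{"type": "user", "message": "hello"}\n')  # constructed line
    cache = os.path.join(base, "hud-cache.json")

    outcomes = {}
    accepted = handle_payload(json.dumps({"transcript_path": good}), [root], cache)
    outcomes["accepted"] = accepted == os.path.realpath(good)
    outcomes["cache_mode"] = os.stat(cache).st_mode & 0o777

    # Each of these must raise: '..' traversal, an absolute path outside the
    # root, and a payload with no transcript_path at all.
    probes = {
        "dotdot": os.path.join(root, "..", "..", "etc", "passwd"),
        "absolute": "/etc/passwd",
        "missing": None,
    }
    for label, raw in probes.items():
        try:
            resolve_transcript_path(raw, [root])
            outcomes[label] = "accepted"
        except TranscriptPathError:
            outcomes[label] = "rejected"
    return outcomes


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The check compares canonical paths rather than searching the raw string for "..", because encoded or symlinked variants bypass string filters while realpath reduces them all to the same absolute form; the allowed-root list is where the deployment decides which transcript directories the process may ever read.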



Advisories

No advisories yet.

History

Mon, 18 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
Description | (none) | Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcript_path value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a persistent cache file with insufficient permissions, creating a forensic record of accessed paths that survives process exit.
Title | (none) | Claude HUD 0.0.12 Path Traversal via transcript_path
Weaknesses | (none) | CWE-22
References | (none) | (none)
Metrics | (none) | cvssV3_1: {'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}
Metrics | (none) | cvssV4_0: {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-18T19:48:16.829Z

Reserved: 2026-05-18T19:22:26.747Z

Link: CVE-2026-47091

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-18T20:16:39.863

Modified: 2026-05-18T20:19:31.307

Link: CVE-2026-47091

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-18T21:30:15Z

Weaknesses