VBS-2026-0011CRITICALCVSS 9.1CWE-284

Claude Code pre-trust startup execution (CVE-2025-59536)

A trust-dialog flaw allowed execution in untrusted project contexts before user trust acceptance.

Published

2025-10-03

Discovered By

Anthropic advisory

CVSS Score

9.1 / 10

Affected AI Platforms

Claude Code

Affected Tech Stack

Trust dialogProject startup hooks

Remediation

Upgrade to fixed Claude Code versions and enforce no process execution, file writes, or outbound requests before explicit trust acceptance.

#claude-code#pre-trust#trust-bypass#cve

References

https://nvd.nist.gov/vuln/detail/CVE-2025-59536

Check if your app is vulnerable to VBS-2026-0011

PolyDefender detects this and dozens of other AI-specific vulnerability patterns.

FAQ

How do I check if my Trust dialog + Project startup hooks app is affected by claude Code pre-trust startup execution (CVE-2025-59536)?

A trust-dialog flaw allowed execution in untrusted project contexts before user trust acceptance.. Search your codebase for Trust dialog, Project startup hooks patterns and verify the remediation has been applied. This is rated CVSS 9.1 — treat it as a live incident if your app is already in production.

Why does Claude Code generate code with CWE-284 (critical severity)?

A trust-dialog flaw allowed execution in untrusted project contexts before user trust acceptance.

How do I fix claude Code pre-trust startup execution (CVE-2025-59536)?

Upgrade to fixed Claude Code versions and enforce no process execution, file writes, or outbound requests before explicit trust acceptance.

What is CVE-2025-59536 and how does it affect Claude Code projects?

CVE-2025-59536 is a critical severity CVE with a CVSS score of 9.1, affecting Claude Code. A trust-dialog flaw allowed execution in untrusted project contexts before user trust acceptance..