Threat Intel

v0.1

← CVEs

CVE-2026-33068

HIGH 8.8
Published
2026-03-20
Last Modified
2026-03-24
Affected Apps
50
Affected Devices
67
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set permissions.defaultMode to bypassPermissions in its committed .claude/settings.json, causing the trust dialog to be silently skipped on first open. This allowed a user to be placed into a permissive mode without seeing the trust confirmation prompt, making it easier for an attacker-controlled repository to gain tool execution without explicit user consent. This issue has been patched in version 2.1.53.
Affected Applications in Environment 50
Claude v1.569.0
20 devices
Claude v1.1.7203
5 devices
Claude v1.1.5368
8 devices
Claude v1.1.9493
15 devices
Claude v1.1.9669
16 devices
Claude v1.1.4498
11 devices
Claude v1.1.9134
8 devices
Claude v1.2.234
18 devices
Claude v1.1.6679
9 devices
Claude v1.1.7464
8 devices
Claude v1.1.4010
5 devices
Claude v1.1.8629
11 devices
Claude v1.1.6041
8 devices
Claude v1.1.5749
7 devices
Claude v1.1.9310
10 devices
Claude v1.0.0.0
32 devices
Claude v1.1.3770
2 devices
Claude v1.1.8308
6 devices
Claude v1.1.3189
3 devices
Claude v1.1.8359
8 devices
Claude v1.1.3918
2 devices
Claude v1.0.66
20 devices
Claude v1.0.64
9 devices
Claude v1.1.3363
2 devices
Claude v1.1.8986
9 devices
Claude v1.1.6452
7 devices
Claude v1.1.7714
12 devices
Claude v1.1.4328
6 devices
Claude v0.12.20
1 device
Claude v1.1.4173
3 devices
Claude v1.1.2998
1 device
Claude v1.1.2512
1 device
Claude v1.1.4088
2 devices
Claude v1.1.2685
2 devices
Claude v1.1.7053
7 devices
Claude v1.1.3963
2 devices
Claude v1.1.1520
1 device
Claude v1.1.3830
2 devices
Claude v1.0.63
1 device
Claude v1.1.3541
1 device
Claude v1.0.61
1 device
Claude v1.1.1890
1 device
Claude v0.14.10
1 device
Claude v1.0.62
1 device
Claude Code v2.1.50.0
1 device
Claude Code v2.1.51.0
3 devices
Claude Code v2.1.45.0
1 device
Claude Code v2.1.52.0
1 device
Claude Code v2.1.49.0
3 devices
Claude Code v2.1.41.0
1 device
Affected Devices 67
BRICH7 Windows CONNER5540 Windows DESKTOP-BEVD86P Windows DESKTOP-K6KKAQ1 Windows DESKTOP-OMEN Windows DESKTOP-QDORNBR Windows DPACCT-PF61HQPJ Windows DPAGEC-425083MR Windows DPAGEC-49PL3Q3 Windows DPAGEC-7WBGK74 Windows DPAGEC-BWKPMD4 Windows DPAGEC-BZZHGH4 Windows DPCPD-32SBBY3 Windows DPCUBC-8G7D3H4 Windows DPDISR-FZ5XKH2 Windows DPEMAE-L0243WQL Windows DPHSNG-449500CE Windows DPHSNG-LTSTRING Windows DPHSNG-T800122X Windows DPHSOB-1T48Q54 Windows DPHSOB-61CG0R3 Windows DPHSOB-6KZQN13 Windows DPHSOB-P25253Q6 Windows DPINFT-02609239 Windows DPINFT-1904989 Windows DPINFT-6P663188 Windows DPINFT-8FW4RW3 Windows DPINFT-8JMDH24 Windows DPINFT-C90GVF4 Windows DPINFT-L2273Y5C Windows DPINFT-PF4T19CJ Windows DPMATH-PW06A9JW Windows DPRCMP-DB57Z64 Windows DPSTUD-V25173P7 Windows DPUWRL-PF5C7SY3 Windows DPVPRS-JBD7LY3 Windows EBB118-22 Windows EBB118-27 Windows EDL-36 Windows F-16 Mac FTB-DL7350-03 Windows FTB-DL7350-08 Windows HTTS171501 Windows LAPTOP-6UP13PGQ Windows LAPTOP-D30CGMB7 Windows LGN-HH-160 Windows LGN-HH-322 Windows STUBER-G0DGQ54 Windows UB-B221T Windows UB-V-218HPLC Windows USULOAN257 Windows YNG-LAB-TPADX1 Windows YOUNG-THINKPAD- Windows a00015523-HL9P9L0MC7 Mac a00344643-K6TXHM3XXM Mac a00367884-D6Q7MJ9CQC Mac a00674610-K174279JG4 Mac a01760171-K4L0J4RM9V Mac a02041378-C4WTVQR03F Mac a02200950-LFJ7WX26VF Mac a02287748-HQHVV125JY Mac a02291312-J4DJC30Y9P Mac a02388352-LQ22WMQLKF Mac a02481579-HFY3Y7Q445 Mac a02483892-GPWGWRXQVC Mac murftastic.local Mac ryan-MacBook-Pro-2023 Mac
References 1