📄 中文摘要
Anthropic 的 Claude Code CLI 是一款由先进 AI 驱动的开发工具,近期暴露出一个关键安全漏洞,编号为 CVE-2026-33068,该漏洞属于高危级别(CVSS 7.7)的配置加载顺序缺陷。该缺陷可能导致未经授权的权限提升,给用户和系统带来潜在风险。开发团队已经采取措施修复此漏洞,以确保工具的安全性和可靠性。修复后的版本将改善配置加载的顺序,防止此类安全问题的再次发生。
Claude Code CLI 修复:解决配置加载顺序缺陷以防止未经授权的权限提升
📄 English Summary
Claude Code CLI Fixed: Configuration Loading Order Defect Resolved to Prevent Unauthorized Permission Elevation
Anthropic's Claude Code CLI, an advanced AI-powered developer tool, recently revealed a critical security vulnerability identified as CVE-2026-33068, classified as HIGH severity (CVSS 7.7) due to a configuration loading order defect. This vulnerability poses a risk of unauthorized permission elevation, potentially compromising user and system security. The development team has implemented measures to address this issue, ensuring the tool's safety and reliability. The updated version improves the configuration loading order, preventing the recurrence of such security concerns.