On July 8, China's National Vulnerability Database (NVDB) under the Ministry of Industry and Information Technology issued an official security warning identifying backdoor vulnerabilities in Anthropic's AI programming tool Claude Code. Affecting versions 2.1.91 to 2.1.196, the tool contains hidden monitoring mechanisms that transmit sensitive user data including geographic location and device identifiers to overseas servers without authorization, with high stealth undetectable by average users. Authorities advise immediate enterprise-wide audits, uninstallation of affected versions or patching to secure releases, and strengthened control over development endpoint outbound permissions to prevent core code data leaks.
#ClaudeCode #Cybersecurity #AISafety #MIITNVDB
