China's MIIT Officially Warns of Backdoor Risks in Claude Code, Urges Immediate Audit

12    2026-07-10

On July 8, China's National Vulnerability Database (NVDB) under the Ministry of Industry and Information Technology issued an official security warning identifying backdoor vulnerabilities in Anthropic's AI programming tool Claude Code. Affecting versions 2.1.91 to 2.1.196, the tool contains hidden monitoring mechanisms that transmit sensitive user data including geographic location and device identifiers to overseas servers without authorization, with high stealth undetectable by average users. Authorities advise immediate enterprise-wide audits, uninstallation of affected versions or patching to secure releases, and strengthened control over development endpoint outbound permissions to prevent core code data leaks.

#ClaudeCode #Cybersecurity #AISafety #MIITNVDB

9376_bjiz_7537.jpeg