// ClaudeHIGH
Researchers disclosed a network sandbox bypass vulnerability in Claude Code that allows attackers to escape whitelisted domain restrictions. The vulnerability stems from semantic inconsistency between the proxy filter layer and network parser; specially crafted requests with control characters or null bytes bypass access controls and redirect to unauthorized external hosts, enabling data exfiltration. Impact is amplified in agent scenarios where network requests are driven by model decisions processing external input.
// Get alerts for Claude