MIIT Issues a Risk Alert Regarding Security Backdoor Vulnerabilities in the AI Programming Tool Claude Code

TechFlowJul 7, 2026
On July 8, recently, the Ministry of Industry and Information Technology's Network Security Threat and Vulnerability Information Sharing Platform (NVDB) monitored and discovered that the AI programming tool Claude Code has a security backdoor risk, posing a serious threat.

Claude Code is an AI programming tool developed by the American company Anthropic, which can independently complete code writing, fixing, and other tasks based on text requirements. Because it has a built-in monitoring mechanism, it can transmit sensitive information such as user location and identity identifiers to remote servers without user consent. The affected versions of Claude Code are 2.1.91 to 2.1.196.

It is recommended that relevant units and users immediately conduct a comprehensive investigation. For development terminals that have installed the affected versions mentioned above, immediately uninstall or upgrade to the latest secure version with the relevant backdoor code removed. Strengthen the control of external access permissions for development tools within core business network segments and monitor traffic to prevent sensitive data from being transmitted improperly.

[TechFlow]

Source
Powered by ChatGPT
All You Need to Know in 10s
Your One-Stop Crypto Investment Powerhouse

MIIT Issues a Risk Alert Regarding Security Backdoor Vulnerabilities in the AI Programming Tool Claude Code

TechFlowJul 7, 2026
On July 8, recently, the Ministry of Industry and Information Technology's Network Security Threat and Vulnerability Information Sharing Platform (NVDB) monitored and discovered that the AI programming tool Claude Code has a security backdoor risk, posing a serious threat.

Claude Code is an AI programming tool developed by the American company Anthropic, which can independently complete code writing, fixing, and other tasks based on text requirements. Because it has a built-in monitoring mechanism, it can transmit sensitive information such as user location and identity identifiers to remote servers without user consent. The affected versions of Claude Code are 2.1.91 to 2.1.196.

It is recommended that relevant units and users immediately conduct a comprehensive investigation. For development terminals that have installed the affected versions mentioned above, immediately uninstall or upgrade to the latest secure version with the relevant backdoor code removed. Strengthen the control of external access permissions for development tools within core business network segments and monitor traffic to prevent sensitive data from being transmitted improperly.

[TechFlow]

Powered by ChatGPT
Scan QR Code to Explore more key information
One-stop financial research platform for Crypto Investors