Adam Chester discovered a privilege escalation and command execution vulnerability in Claude Code, which allows command execution without user authorization. Vulnerability ID: CVE-2025-64755. Proof of Concept (PoC) has been made public. This is the same issue as before with Cursor, which has not been fixed yet? 🤣

https://cymulate.com/blog/cve-2025-547954-54795-claude-inverseprompt/