CVE-2026-21852
- Entity ID:
ent-20260419-d265740f3d36 - Type:
issue - Scope:
shared - Status:
active - Aliases: ANTHROPIC_BASE_URL exfiltration
Description
CVSS 5.3 Medium vulnerability: API key exfiltration via ANTHROPIC_BASE_URL manipulation. Patched in v2.0.65 (January 2026).
Key claims
- Repo-controlled config takes effect before trust is established
Relations
- none yet