CVE-2026-47092

HighPublic PoC

Published: 18 May 2026

Published

18 May 2026

Modified

18 May 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0004 11.6th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-47092 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability. Its CVSS base score is 7.8 (High).

Operationally, ranked at the 11.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as APIs and Models.

NVD Description

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its…

version check, causing execFile() to execute the attacker-supplied executable with cmd.exe arguments, resulting in arbitrary code execution on Windows systems.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-427

AI Security AnalysisAI

AI Category: APIs and Models
Risk Domain: N/A
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: claude, claude

References

https://github.com/jarrodwatts/claude-hud/commit/234d9aad919b51326a43bcf90b45ae35c23afc30
disclosure@vulncheck.com
https://github.com/jarrodwatts/claude-hud/issues/485
disclosure@vulncheck.com
https://github.com/jarrodwatts/claude-hud/pull/487
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/claude-hud-arbitrary-command-execution-via-comspec-environment-variable
disclosure@vulncheck.com