CVE-2025-65099: 
JavaScript Análisis y mitigación de vulnerabilidades

Claude Code, an agentic coding tool, has been identified with a high-severity vulnerability tracked as CVE-2025-65099. The vulnerability was discovered and disclosed in November 2025, affecting the npm package @anthropic-ai/claude-code (GitHub Advisory).

The vulnerability involves command execution capabilities that can be triggered prior to the Claude Code startup trust dialog. This represents a significant security concern that has been marked for NVD enrichment efforts (NVD).

The vulnerability allows unauthorized command execution before the trust dialog appears, potentially enabling malicious actors to execute arbitrary commands without proper user authorization or validation.