The Chinese regulator (MIIT via NVDB) reported the discovery of a critical vulnerability in Anthropic's Claude Code tool. Versions of the tool ranging from 2.1.91 to 2.1.196 may contain a backdoor that allows unauthorized transmission of user location and identity data to remote servers.

image
image

What Happened

Chinese regulators identified a vulnerability in Claude Code that allows the tool to covertly collect and transmit user metadata, including geolocation and identification data, to third-party servers. To mitigate the threat, users are strongly advised to immediately update the tool to version 2.1.204 or higher.

Context

The incident affects the AI coding agents segment—autonomous assistants that have direct access to the local development environment, codebase, and the developer's personal data. Such vulnerabilities turn technical errors into strategic security risks, especially amidst growing geopolitical confrontation in the field of AI technologies.

Why It Matters for the Industry

This case highlights the critical need to implement monitoring tools for the behavior of autonomous AI agents and to strengthen requirements for their isolation (sandboxing). The industry may face increased demand for Security-first AI Agents and specialized gateways to filter outgoing traffic from neural network-based development tools.

Why It Matters for Users

Developers using Claude Code need to conduct an emergency audit of their current versions. Using vulnerable versions (2.1.91–2.1.196) risks the leakage of not only intellectual property (code) but also personal information, including location data and activity within the environment.

What Is Not Yet Known / Limitations

Technical details regarding the implementation of the backdoor and the exact list of affected servers have not been specified.

Sources

Author

Look at AI, Editorial Staff