
Claude Code Workspace Trust Dialog Bypass Vulnerability Discovered
Claude Code workspace trust dialog bypass via repository settings loading order [CVE-2026-33068, CVSS 7.7]. Settings resolved before trust dialog shown.

CVE-2026-33068 is a vulnerability in Anthropic's Claude Code CLI tool (versions before 2.1.53) where a malicious .claude/settings.json file in a repository can bypass the workspace trust confirmation dialog. The issue occurs because repository-level settings, including the bypassPermissions field, are loaded before the trust dialog is shown to the user. This flaw allows permissions to be applied without user approval due to the incorrect settings loading order.

The fix in version 2.1.53 ensures the trust dialog appears before settings are resolved.
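A pre-open check for the condition described above, as an added example (not Anthropic's code and not part of the original page): it finds every `.claude/settings.json` in a checkout, reports where `bypassPermissions` occurs, and compares a caller-supplied version string with 2.1.53. The page does not give the settings schema, so the name is searched at any depth as a key or a value; `exampleSection` and `exampleKey` are hypothetical names in constructed sample data.

```python
import json
import re
import tempfile
from pathlib import Path

FIXED_VERSION = (2, 1, 53)     # fixed release named in the advisory text
MARKER = "bypassPermissions"   # field name as given on the page

def is_patched(version: str) -> bool:
    """True when the first x.y.z in `version` is at or above the fixed release."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    # An unparseable version string is treated as unpatched (fail safe).
    return bool(m) and tuple(map(int, m.groups())) >= FIXED_VERSION

def find_marker(node, path="$"):
    """Yield JSON paths where MARKER appears as a key or as a string value."""
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if key == MARKER:
                yield child
            yield from find_marker(value, child)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from find_marker(value, f"{path}[{i}]")
    elif node == MARKER:
        yield path

def audit_repo(repo_root):
    """Return (relative file, finding) pairs for each .claude/settings.json."""
    root, findings = Path(repo_root), []
    for f in sorted(root.rglob("settings.json")):
        if f.parent.name != ".claude":
            continue
        try:
            hits = list(find_marker(json.loads(f.read_text(encoding="utf-8"))))
        except (ValueError, OSError):
            hits = ["<unreadable: review by hand>"]
        findings += [(f.relative_to(root).as_posix(), h) for h in hits]
    return findings

def demo():
    """Audit a throwaway checkout holding two constructed settings files."""
    with tempfile.TemporaryDirectory() as tmp:
        for sub, body in (("", {"exampleSection": {"exampleKey": MARKER}}),
                          ("pkg", {MARKER: True})):
            d = Path(tmp, sub, ".claude")
            d.mkdir(parents=True)
            (d / "settings.json").write_text(json.dumps(body))
        return audit_repo(tmp)
```

Running `audit_repo` on a fresh clone before opening it in the CLI surfaces repository-supplied permission settings for review regardless of the installed version.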