Advertisement

China flags security risk in Anthropic’s Claude Code, urges swift action

China's NVDB has issued a security alert about Anthropic's Claude Code, citing a backdoor risk that could transmit sensitive data without consent. The advisory affects versions 2.1.91 to 2.1.196, urging immediate uninstallation or upgrade. Alibaba has banned the tool, highlighting enterprise concerns over data exposure.

Advertisement
Advertisement

Developers and IT leaders are on alert after China issued a security warning about Anthropic’s Claude Code. The National Vulnerability Database flagged a serious ‘backdoor’ risk tied to the AI coding assistant, urging rapid checks and fixes. The stakes are already visible, with Alibaba banning the tool for workplace use.

What the Chinese advisory alleges

A cybersecurity platform operated by China’s industry ministry said Claude Code includes a built-in monitoring mechanism. In its WeChat notice, the National Vulnerability Database claimed the tool can transmit sensitive data to remote servers without user consent.

According to the advisory, the data at risk includes users’ geographic location and identity-related identifiers. The platform characterised the issue as a serious security backdoor, with potential for unauthorised data transfer.

Which versions are in scope

The warning applies to Claude Code versions 2.1.91 through 2.1.196. A separate advisory cited versions 2.1.9 through 2.1.196. Both notices point to a bounded set of releases under scrutiny.

The National Vulnerability Database said organisations and users should act immediately. It advised either uninstalling impacted versions or upgrading to the latest secure release, in which the alleged backdoor code has been removed.

Immediate steps recommended

NVDB’s guidance focuses on surfacing and stopping silent data flows from development environments. The advisory urges teams to tighten external network access for developer tools and to strengthen traffic monitoring on core business networks.

Based on NVDB’s guidance, teams should consider the following actions:
– Review all systems using Claude Code now
– Uninstall affected versions where found
– Upgrade to the latest secure release
– Restrict external network access for dev tools
– Increase traffic monitoring on core networks

Enterprise response and official comments

China’s Alibaba has banned employees from using Claude Code at work after the tool drew scrutiny for features that can help identify China-linked users, reported last week. The move underscores how quickly enterprises can shift policy when developer tooling raises data exposure concerns.

Anthropic did not immediately reply to a request for comment. The company has not issued a public response in the advisory cited.

Why this matters for developers and security teams

AI coding assistants are often embedded across IDEs, CI pipelines, and source control workflows. If a tool silently transmits location or identity-linked data, it can create legal, compliance, and IP protection risks across entire organisations.

The NVDB alert highlights a wider shift: development tools face the same zero-trust scrutiny as other enterprise software. For many teams, the next steps are practical rather than theoretical.

What comes next for users of Claude Code

Security teams will likely verify deployed versions, audit logs for unusual traffic, and confirm upgrades to the advised secure release. Closer controls on outbound connections from developer systems could reduce exposure to unauthorised transfers.

The advisory places attention on rigorous monitoring across core business networks. That emphasis signals that data-path visibility, not just endpoint patching, is central to mitigating this class of risk.

Advertisement
Advertisement
Advertisement