https://oddguan.com/tags/null-byte-injection/Recent content in Null-Byte Injection on Aonan Guanhttps://oddguan.com/avatar.webphttps://oddguan.com/avatar.webpHugo -- 0.147.7en-usWed, 20 May 2026 00:00:00 +0000https://oddguan.com/blog/second-time-same-sandbox-anthropic-claude-code-network-allowlist-bypass-data-exfiltration/Wed, 20 May 2026 00:00:00 +0000https://oddguan.com/blog/second-time-same-sandbox-anthropic-claude-code-network-allowlist-bypass-data-exfiltration/For the second time in five months, Anthropic Claude Code's network sandbox lets a process inside reach hosts the user's policy says to block, and exfiltrate any data the process touches. Every Claude Code release from 2.0.24 (sandbox GA on 2025-10-20) through 2.1.89 was vulnerable to a SOCKS5 hostname null-byte injection. About 5.5 months and ~130 versions, including the release that silently fixed the first sandbox bypass. Both findings ended in a silent fix and no Claude Code security advisory.