China's Ministry of Industry and Information Technology warned that Anthropic's Claude Code contains a security back‑door vulnerability, its cybersecurity threat platform said.
The U.S.-based AI company Anthropic offers Claude Code as an autonomous coding tool, and the platform said the flaw can send sensitive information, including a user's location and identity, to a remote server without consent.
"AI coding tool Claude Code contains a security back-door vulnerability that poses a serious threat," the cybersecurity platform said in Chinese, CNBC translated.
The platform advised users to uninstall or upgrade from affected Claude Code versions 2.1.91 to 2.1.196.
Those versions cover releases from April 2 to June 29, Anthropic's website shows, and the site listed version 2.1.204 as the latest on Wednesday.
The warning follows Anthropic's allegation last month that Alibaba attempted to extract its AI capabilities, a set of tools that are not officially available in China, and CNBC confirmed Alibaba has ordered employees to stop using Anthropic tools for work starting July 10.
Anthropic did not immediately respond to a CNBC request for comment.