Key Points
- China’s National Vulnerability Database identified a security vulnerability in Claude Code versions spanning 2.1.91 to 2.1.196
- The identified vulnerability reportedly enabled unauthorized transmission of user location and identification information to Anthropic’s remote servers
- Chinese authorities recommended immediate removal of compromised versions or system upgrades
- Alibaba implemented a company-wide prohibition on Claude Code usage effective July 10 due to security vulnerabilities
- Anthropic engineer Thariq Shihipar disclosed the data collection was part of an anti-abuse testing initiative, with remediation underway
A Chinese government-affiliated cybersecurity authority has issued a security alert regarding Anthropic’s artificial intelligence coding assistant Claude Code, recommending immediate removal or upgrading to current versions.
https://twitter.com/CNBC/status/2074810511279952258?s=20
The National Vulnerability Database (NVDB), operating under China’s Ministry of Industry and Information Technology, published the advisory through its WeChat platform on July 8.
According to the NVDB, the vulnerability impacts Claude Code versions between 2.1.91 and 2.1.196. The agency alleges these releases possess capabilities to harvest users’ geographical positioning data and personal identification details, subsequently transmitting this information to external servers without explicit user authorization.
The cybersecurity body characterized the vulnerability as posing a “severe threat” and recommended organizations initiate comprehensive security audits without delay.
Tech Giant Alibaba Restricts Internal Usage
Prior to the NVDB’s public disclosure, Alibaba, one of China’s largest technology corporations, had already implemented internal restrictions. The organization informed its workforce the previous week that Claude Code would be prohibited for professional applications beginning July 10, instructing personnel to transition to Qoder, the company’s proprietary coding tool.
Alibaba referenced identical security vulnerabilities highlighted by the NVDB in its internal communications.
This development further complicates the already tense dynamic between Alibaba and Anthropic. Previously, Anthropic has publicly accused Alibaba and additional Chinese technology firms of employing “distillation” methodologies — a process involving training compact AI models using outputs from sophisticated systems — to replicate its proprietary model functionalities.
Response from Anthropic Engineering Team
Anthropic has yet to release an official statement addressing China’s security warning.
Nevertheless, Thariq Shihipar, an engineer working on Claude Code, commented on the matter via X following initial reports in specialized technology publications.
Shihipar explained the data collection mechanism was implemented as part of a trial initiative that commenced in March. The project aimed to combat account misuse by unauthorized third-party resellers and defend against model distillation attempts.
“The team has landed stronger mitigations since then and we’ve actually been meaning to take this down for a while,” Shihipar stated. He confirmed that complete removal of the feature would be incorporated in the upcoming software release.
[[LINK_START_2]]Anthropic[[LINK_END_2]] maintains access restrictions preventing users and organizations located in China and other nations it designates as adversarial from utilizing its services. Regardless of these limitations, numerous Chinese software developers continue accessing Claude Code via virtual private network services and international proxy infrastructure.
The NVDB additionally advised organizations to strengthen external network access protocols and enhance traffic surveillance capabilities to block unauthorized data exfiltration.
At publication time, Anthropic had not provided responses to media inquiries regarding the NVDB’s detailed claims.





