China's National Vulnerability Database (NVDB) issued a security alert stating that several versions of Anthropic's Claude Code contain a backdoor [1].
The warning highlights a critical intersection of artificial intelligence and national security, as the alleged vulnerability could allow the unauthorized collection of sensitive developer data.
According to the NVDB, the backdoor is capable of transmitting users' location and identity data to remote servers without the users' consent [2]. The agency said developers should either update the affected software or uninstall it entirely to prevent data leaks [1].
"The vulnerability could allow unauthorized transmission of user location and identity data to remote servers," the NVDB said [2].
The alert has already triggered corporate reactions within China. Alibaba banned its employees from using Claude Code at work following the security notification [3].
Anthropic, the developer of the AI tool, responded to the findings. A spokesperson for Anthropic said, "We take security seriously and are investigating the report" [2].
The security alert was first reported on June 5, 2024 [1]. While the NVDB noted that several versions are affected, specific version numbers were not disclosed in the initial reports [2].
The incident adds further tension to the ongoing technological competition between the U.S. and China, specifically regarding the trust and transparency of AI-driven software tools developed in different jurisdictions.
“The vulnerability could allow unauthorized transmission of user location and identity data to remote servers.”
This dispute underscores the growing geopolitical friction over AI sovereignty. By flagging a 'backdoor,' China is not only issuing a technical warning but also signaling a lack of trust in U.S.-made AI infrastructure. For global developers, this incident emphasizes the risk of 'supply chain' vulnerabilities where AI assistants—which have deep access to proprietary codebases—could potentially be used for espionage or unauthorized data harvesting.



