Claude HUD versions up to 0.0.12 improperly neutralize escape, meta, or control sequences when constructing OSC 8 terminal hyperlink escape sequences. Specifically, it uses raw current working directory and branch URL values without stripping control characters or encoding embedded values. This flaw enables attackers to inject arbitrary ANSI codes, including ESC+backslash sequences, which can manipulate terminal display properties, forge prompts, write clipboard data via OSC 52 sequences, or cause outbound HTTP requests when users click on crafted hyperlinks. The vulnerability is identified as CVE-2026-47090 with a CVSS 4.0 score of 2.4 (low severity). A fix was committed (234d9aa), but no official patch advisory is provided in the input data.

The vulnerability allows attackers with limited privileges and user interaction to inject ANSI escape sequences into terminal sessions. This can lead to visual deception such as forged prompts or altered text colors, clipboard manipulation, or unintended outbound HTTP requests when hyperlinks are clicked. The impact is considered low severity due to the requirement for user interaction and limited scope of exploitation. There are no known exploits in the wild at this time.

A patch addressing this vulnerability was committed in commit 234d9aa. However, no official vendor advisory or patch link is provided in the available data. Users of claude-hud should update to the fixed version that includes this commit to mitigate the issue. Since the product is not a cloud service, remediation depends on user action to apply the patch. Patch status is not yet confirmed by a vendor advisory; users should verify the fix and monitor official sources for updates.