China’s National Vulnerability DataBase has warned that Anthropic’s Claude Code contains a security “backdoor” capable of secretly sending users’ location and identity data to remote servers without consent. The alert covers Claude Code versions 2.1.91 to 2.1.196 and urges users to uninstall or upgrade immediately. It comes amid rising US-China AI tensions, days after Alibaba banned employees from using the coding tool at work.