# AI编码助手2.1.199被曝会话/缓存泄漏漏洞

- 来源：Hacker News 热门（buzzing.cc 中文翻译）
- 作者：chatmasta
- 发布时间：2026-07-04 23:51
- AIHOT 分数：50
- AIHOT 链接：https://aihot.virxact.com/items/cmr6kcmpi03rpslf0prd6bzlx
- 原文链接：https://github.com/anthropics/claude-code/issues/74066

## AI 摘要

用户在使用 Enterprise ZDR workspace 时，Agent 突然询问 Minecraft 寺庙细节并声称正在建造，表明会话可能从 consumer 计划泄漏到企业工作区。用户怀疑工作区实例间的会话/缓存隔离失效，且自述配置了 .claude 目录和环境异常。问题出现在版本 2.1.199（平台 darwin）。

## 正文

[Bug] Potential session/cache leakage between workspace instances or consumer accounts #74066

Open

Open

[Bug] Potential session/cache leakage between workspace instances or consumer accounts#74066

Labels

area:corearea:securitybugSomething isn't workingplatform:macosIssue specifically occurs on macOS

Description

milesrichardson-edb

opened on Jul 4, 2026

Bug Description
Apparent session leakage, despite authenticated to Enterprise ZDR workspace. Agent suddenly started asking me what kind of bricks I wanted for my Minecraft temple and confidently asserted in its recap that it's building a Minecraft temple. I thought cache was isolated to workspace? Maybe one of my colleagues is building a minecraft temple. That's one way to spend your token allowance, I suppose. Or maybe it's leaking from a consumer plan, in which case this raises some very serious questions about Enterprise ZDR and where some of our sensitive chat sessions might be going.

Environment Info

Platform: darwin

Terminal: Apple_Terminal

Version: 2.1.199

Feedback ID: f336f5d2-3992-4a04-9e1f-ec30f006f75e

Errors

[]

Maybe relevant: I'm doing something kind of weird. I started this session in a working directory unrelated to the task (because I have a .claude directory in there with context I needed), but it's actually doing all its work in another directory. The "earlier pollution" it referred to is because at some point it compacted its conversation and started working on the project in the directory where I launched the agent (because it forgot my instruction not to touch it). That was less surprising and obviously caused by my own setup. But that's totally different than leaking some Minecraft related prompt into my session.

Metadata

Metadata
