TLDR
- China’s National Vulnerability Database flagged a backdoor risk in Claude Code versions 2.1.91 through 2.1.196
- The alleged backdoor could transmit users’ location and identity data to Anthropic’s servers without consent
- China’s NVDB urged organizations to uninstall affected versions or upgrade immediately
- Alibaba banned employees from using Claude Code starting July 10 over the same security concerns
- Anthropic engineer Thariq Shihipar confirmed the data tracking was an anti-abuse experiment, saying a fix was already being rolled out
China’s government-backed cybersecurity body has flagged a “security backdoor” in Anthropic’s AI coding tool Claude Code, urging users to uninstall it or update to the latest version.
China on Wednesday warned of “back-door” security risks affecting companies that use U.S.-based company Anthropic’s Claude Code artificial intelligence tool.
It comes as the U.S.-China tech race intensifies, with Anthropic last month blaming Chinese company Alibaba for… pic.twitter.com/jfXIPZZno4
— CNBC (@CNBC) July 8, 2026
The National Vulnerability Database (NVDB), which is linked to China’s Ministry of Industry and Information Technology, posted the warning on July 8 via its WeChat account.
The NVDB said affected versions run from Claude Code 2.1.91 through 2.1.196. It claimed these versions could collect users’ geographic locations and identity-related data, then send that information to remote servers without user consent.
The agency called the issue a “severe threat” and told organizations to conduct a full system review right away.
Alibaba Bans Claude Code for Employees
Before the NVDB went public, Chinese tech giant Alibaba had already moved to restrict the tool internally. The company told employees last week that Claude Code would be banned for work use starting July 10, directing staff to use its own in-house coding assistant, Qoder, instead.
Alibaba cited the same backdoor security concerns flagged by the NVDB.
This adds another layer to the already strained relationship between Alibaba and Anthropic. Anthropic has previously accused Alibaba and other Chinese firms of using a technique called “distillation” — training smaller AI models on the outputs of more advanced ones — to copy its models’ capabilities.
Anthropic Engineer Responds
Anthropic has not issued a formal public response to China’s warning.
However, Claude Code engineer Thariq Shihipar addressed the issue on X last week after reports first surfaced in specialist tech media.
Shihipar said the data tracking was part of an experiment launched in March. The goal was to prevent account abuse from unauthorized resellers and to protect against model distillation.
“The team has landed stronger mitigations since then and we’ve actually been meaning to take this down for a while,” Shihipar wrote. He added that a full rollback would be included in the next release.
Anthropic blocks users and companies in China and other countries it considers adversarial from accessing its products. Despite this, many Chinese developers continue to use Claude Code through VPN services and overseas proxy servers.
The NVDB also recommended that organizations tighten controls on external network access and increase traffic monitoring to prevent unauthorized data transfers.
As of the time of reporting, Anthropic had not responded to media requests for comment on the NVDB’s specific allegations.
4th of July Flash Sale – 50% OFF!
Celebrate Independence Day by investing in your future. For a limited time, get 50% OFF a Knockout Stocks membership and unlock our latest high-conviction stock picks, powered by our proprietary KO Score algorithm.
You'll also get access to our long-term investment ideas and shorter-term trade opportunities, helping you identify potential opportunities before the crowd.
Sign up to Knockout Stocks today and get 50% OFF to unlock the full list of premium stock picks.
Use coupon code SPECIAL50 for your exclusive discount.
Offer ends soon. Don't miss out!







