[BUG] Session Isolation Failure - Information Leaking Between Multiple Claude Code Sessions

Resolved 💬 5 comments Opened Jun 12, 2025 by git-kubik Closed Dec 10, 2025

Issue Title:
Session Isolation Failure - Information Leaking Between Multiple Claude Code Sessions

Issue Body:

Environment

  • Platform (select one):
  • [x] Anthropic API
  • [ ] AWS Bedrock
  • [ ] Google Vertex AI
  • [ ] Other: <!-- specify -->
  • Claude CLI version: 1.0.21 (Claude Code)
  • Operating System: Linux 6.1.0-37-amd64
  • Terminal: VS Code shell Version: 1.100.3 (user setup)

Commit: 258e40fedc6cb8edf399a463ce3a9d32e7e1f6f3
Date: 2025-06-02T13:30:54.273Z
Electron: 34.5.1
ElectronBuildId: 11369351
Chromium: 132.0.6834.210
Node.js: 20.19.0
V8: 13.2.152.41-electron.0
OS: Windows_NT x64 10.0.19045

Bug Description

Information from one Claude Code session is leaking into another unrelated session, compromising session isolation. File paths and context from one project appear in a completely separate session working on an unrelated project.

Steps to Reproduce

  1. Start multiple Claude Code sessions simultaneously on different projects
  2. Work on completely unrelated projects in each session (e.g., one session on "NexaNest" project, another on "sourdough" documentation)
  3. Continue normal development work in each isolated session
  4. Observe that file paths/information from one session (e.g., /repos/NexaNest/.env.swarm) appears in another session's context without any deliberate cross-referencing

Expected Behavior

Each Claude Code session should be completely isolated with no cross-contamination of information between sessions. Sessions should have no knowledge of files, paths, or context from other concurrent sessions.

Actual Behavior

File path /repos/NexaNest/.env.swarm from one session (NexaNest project) appeared in the context of a completely separate session working on a sourdough documentation project in /repos/sourdough. Claude mentioned this file without it being relevant to the current session.

Additional Context

  • This is a critical security and privacy issue as it breaks session isolation
  • Potentially exposes sensitive information (like environment files) across different projects/sessions
  • Users working on multiple projects simultaneously are at risk
  • The leak occurred when Claude mentioned seeing a file from the other session during normal conversation
  • No deliberate cross-referencing was made between sessions
  • Both sessions were running concurrently on the same machine
  • This violates the fundamental expectation that each session is isolated

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗