Here is what developers, enterprise security teams, and AI observers need to know about the alert, the affected code, and the escalating geopolitical context.
According to the NVDB's statement, the warning applies to Claude Code versions 2.1.91 through 2.1.196 . These versions were released in a window spanning approximately April 2026 to June 2026
. The NVDB recommended that users immediately review whether they are running an affected version
.
The NVDB said Claude Code contains a "built-in monitoring mechanism" capable of transmitting sensitive information — including users' geographic location and identity-related identifiers — to remote servers without the user's consent . The agency stated that such a mechanism could pose "a serious threat" to users
.
The NVDB advised organizations and individual users to either uninstall the impacted versions or upgrade to the latest secure release, in which the alleged backdoor code has been removed . Multiple sources confirm that users in China were specifically told to uninstall older or affected versions
.
Days before the NVDB warning, on July 3, 2026, reports emerged that Alibaba would ban employee use of Claude Code starting July 10, 2026 . The company reportedly classified Claude Code as a "high-risk" application after discovering that Anthropic had tracked Chinese users using hidden code
. The ban covers internal workplace environments and was first reported by Chinese financial outlet Yicai before being confirmed by Reuters
.
Alibaba has also reportedly been recommending employees use the Chinese-developed Qoder as an alternative . The corporate ban and the national-level alert together create a layered Chinese response: first a company acting on internal risk assessments, then a government cybersecurity body issuing a formal warning
.
Anthropic pushed back against the NVDB's assessment, stating that users in China were never authorized to use Claude Code in the first place . The company's terms of service already prohibit use by Chinese companies and related entities
. Anthropic has reportedly been working to close loopholes that allowed Chinese users to access Claude, and according to a Reddit post, some of that loophole-closing involved a version of Claude Code that could secretly identify Chinese users
.
Multiple sources frame the NVDB warning and Alibaba's ban as the latest flashpoint in escalating U.S.-China AI tensions :
The original question asked about a parallel U.S. House investigation into Chinese AI models over national security concerns. The available sources do not contain reporting on such an investigation. This part of the question could not be fact-checked from the retrieved material.