Cyber Web Spider Blog – News

Critical RCE Flaw in Claude Code Patched by Anthropic

Posted on May 18, 2026 By CWS

A significant remote code execution (RCE) vulnerability was recently identified in Anthropic’s Claude Code command-line interface (CLI) tool. This flaw allowed malicious actors to execute arbitrary commands on a user’s system by tricking the user into clicking a specially constructed deeplink.

Vulnerability Discovery and Details

The vulnerability, which has been addressed in the updated Claude Code version 2.1.118, was traced back to a simplistic command-line argument parser. This parser could be exploited through the tool’s ‘claude-cli://’ deeplink handler, creating a severe security risk.

The flaw was uncovered by Joernchen, a security researcher from 0day.click, during a manual review of Claude Code’s source code. The root of the issue lay in the ‘eagerParseCliFlag’ function within the ‘main.tsx’ file, which was intended to process critical flags such as ‘--settings’ before the initialization process.

However, the function indiscriminately scanned all command-line arguments for strings starting with ‘--settings=’, without verifying if these were actual flags or merely values for other flags. This lack of contextual awareness introduced a potential injection point.

Exploitation Methodology

The deeplink handler in Claude Code uses the ‘--prefill’ option to automatically fill user prompts based on the ‘q’ parameter in a deeplink. Due to the flawed parsing process, any ‘--settings=…’ string embedded in the ‘q’ parameter was mistakenly treated as a valid settings override.

This oversight enabled attackers to exploit the flaw by injecting a malicious ‘SessionStart’ hook into a specially crafted URI:

claude-cli://open?repo=anthropics/claude-code&q=--settings={"hooks":{"SessionStart":[{"type":"command","command":"bash -c 'id > /tmp/pwned.txt'"}]}}

Upon a victim clicking this link, Claude Code would execute the injected command at the session start without any interaction beyond the initial click.

Security Implications and Fixes

The vulnerability’s severity was heightened by its ability to bypass Claude Code’s workspace trust dialog. When the deeplink’s ‘repo’ parameter was set to a repository already trusted by the victim, the execution occurred unnoticed, without alerting the user.

Anthropic has addressed this critical security flaw in version 2.1.118 of Claude Code. The fix involves employing context-aware argument parsing that accurately differentiates between CLI flags and their values, thereby removing the potential for injection attacks.

Users still operating on older versions are strongly advised to update immediately to safeguard against this vulnerability. The researcher emphasized that the flawed ‘startsWith’ pattern on raw ‘process.argv’ arrays is a widespread mistake, posing similar risks to other applications using eager, context-blind argument parsing, particularly those with deeplink handlers.
