CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Anthropic: >> Claude Security Vulnerabilities

CVE-2026-22561

Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code execution if a malicious DLL is planted alongside the installer.

CVSS Score

7.8

EPSS Score

0.0

Published

2026-03-31

Page 1

Vulnerabilities

Vulnerable Software

Anthropic: >> Claude Security Vulnerabilities

Products

Pricing

Contact Us