CVE-2026-22561 MEDIUM

CVE-2026-22561

Vendor Anthropic
Product Claude Desktop - Windows
Published March 31, 2026
Last update May 10, 2026

CVSS base score

4.7/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code execution if a malicious DLL is planted alongside the installer.

Key dates

02Disclosure timeline

March 31, 2026 CVE published
May 10, 2026 Record updated