—

CVE-2026-22561PATCHED

anthropic · claude desktop - windows

CVE-2026-22561: Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.336

Description

Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code execution if a malicious DLL is planted alongside the installer.

Affected Products

Vendor	Product	Versions
anthropic	claude desktop - windows	0

References

https://trust.anthropic.com/resources?s=1cvig6ldp3zvuj1yffzr11&name=cve-2026-22561-dll-search-order-hijacking-in-claude-for-windows-installer

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-22561 | Anthropic Claude Desktop up to 1.1.3362 on Windows Setup.exe uncontrolled search path

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available1.1.3363

PublishedMar 31, 2026

Last enriched5h agov2

Trending Score20

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-24052

Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application u

MEDIUMCVE-2026-25723

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file wri

HIGHCVE-2026-33068

Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to dis

CRITICALCVE-2026-25722

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd comm

HIGHCVE-2026-21852

Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before u

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Mar 31, 2026

Discovered by ZDM

Mar 31, 2026

Updated: description, affectedVersions, severity

Mar 31, 2026

Patch Available

Mar 31, 2026

Version History

Last enriched 5h ago

v2Tier C5h ago

Updated description with more technical detail, changed affected versions to 1.1.3362, updated severity to HIGH, and noted that no exploit is available.

descriptionaffectedVersionsseverity

via VulDB

v15h ago

Initial creation