Local Privilege Escalation in Anthropic Claude Windows Installer
CVE-2026-22561

4.7MEDIUM

Key Information:

Vendor: Anthropic
Status: Claude Desktop - Windows
Vendor: CVE Published:; 31 March 2026

What is CVE-2026-22561?

The Anthropic Claude Windows installer, specifically versions prior to 1.1.3363, is vulnerable to a local privilege escalation attack. This vulnerability arises from uncontrolled search path elements used by the installer, allowing for DLL search-order hijacking. When the installer elevates its privileges through User Account Control (UAC), it searches for dynamic link libraries (DLLs) in its own directory. If a malicious DLL is placed alongside the installer, it can be executed, leading to potential arbitrary code execution and further compromise of the system.

Affected Version(s)

Claude Desktop - Windows 0 < 1.1.3363

References

https://trust.anthropic.com/resources?s=1cvig6ldp3zvuj1yf...

CVSS V4

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2026
Vulnerability Reserved
Jan 7, 2026

CVE-2026-22561 Data

JSON