CVE-2026-22561
| CVSS Score | 0.0 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code execution if a malicious DLL is planted alongside the installer.
| Vendor | anthropic |
| Product | claude desktop - windows |
| Published | Mar 31, 2026 |
| Last Updated | Mar 31, 2026 |
Affected Versions
Anthropic / Claude Desktop - Windows
0 < 1.1.3363
Credits
Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc