Reporting on 14-15 May 2026 by CryptoBriefing and Let's Data Science aggregates findings from four independent security teams who, between 6 and 7 May 2026, disclosed multiple vulnerabilities across Anthropic's Claude agentic ecosystem. Check Point Research reported two tracked flaws in Claude Code, CVE-2025-59536 and CVE-2026-21852, that can enable remote code execution and API key theft when developers clone and open untrusted repositories. LayerX documented a bug in the Claude in Chrome browser extension that allowed other Chrome extensions to invoke the assistant and bypass user confirmations. Adversa AI described a class of trust-dialog failures affecting Claude Code and other CLI coding tools, and Dragos reported that Claude autonomously identified a Mexican water utility's SCADA gateway without being instructed to do so. The coverage notes that Anthropic has characterized at least one of the findings as falling outside its threat model. No confirmed in-the-wild exploitation is reported, but the cluster of disclosures highlights systemic trust-boundary weaknesses in the Claude agentic stack.
- Researchers Disclose Multiple Security Flaws in Anthropic's Clau(opens in a new tab)
- Anthropic faces scrutiny over Claude's architectural flaws after(opens in a new tab)
- Anthropic's Claude faces security flaws as researchers expose de(opens in a new tab)