// ClaudeHIGH
Security researchers disclosed three vulnerabilities in Claude Code enabling token theft and code execution. CVE-2025-59536 (RCE via repository hooks) and CVE-2026-21852 (API-key exfiltration via environment variables) were patched by Anthropic. A critical silent token-theft chain via malicious npm packages intercepting OAuth tokens remains unpatched by design. The vulnerabilities exploit local configuration files and MCP integration points as active execution paths.
- Your Coding Agent Is an Attack Surface: The Claude Code Security(opens in a new tab)
- AI coding agents can be tricked into installing malware via 'cle(opens in a new tab)
// Get alerts for Claude