Claude Desktop official extensions unsanitized AppleScript command injection three RCEs command injection flaw
Vulnerability
Summary
Three RCE vulnerabilities were disclosed in Claude Desktop's official Chrome, iMessage, and Apple Notes connectors, exposing users to arbitrary code execution with full system privileges. The flaws stemmed from command injection through unsanitized input in AppleScript execution. Anthropic confirmed the issues as high-severity with CVSS 8.9, and they were patched.
Related Happenings
Ghost CMS Content API SQL injection SQL injection flaw (CVE-2026-26980)
Vulnerability
First: 25.05.2026 15:02
Last: 25.05.2026 15:02
Sources 1
About this happening:
Threat actors are **actively exploiting CVE-2026-26980** in **Ghost CMS Content API**, creating **SQL injection** risk that can expose database data and enable unauthorized **admi...
MCP STDIO arbitrary command execution security flaw
Vulnerability
First: 16.04.2026 12:40
Last: 16.04.2026 12:40
Sources 1
About this happening:
A **critical MCP flaw** in the **STDIO interface** can trigger **arbitrary command execution**, putting **connected AI systems** at risk of **data exposure** and **system takeover...
Anthropic Claude Code code injection and API key disclosure flaws (multiple vulnerabilities)
Vulnerability
First: 25.02.2026 19:00
Last: 25.02.2026 19:00
Sources 1
About this happening:
**Anthropic's Claude Code** has multiple disclosed flaws that can enable **remote code execution** and **API key theft** when developers open **untrusted repositories**. The issue...
Figma-developer-mcp MCP server command injection (CVE-2025-53967)
Vulnerability
First: 08.10.2025 13:58
Last: 08.10.2025 13:58
Sources 1
About this happening:
**figma-developer-mcp** has a **now-patched command injection** flaw, **CVE-2025-53967**, that can let attackers execute arbitrary commands and reach **remote code execution**. Th...
Timeline
29.12.2025 17:00 3 articles · 4mo ago
Initial report: Claude Desktop official extensions unsanitized AppleScript command injection three RCEs command injectio
Initial Disclosure
The initial disclosure identified three code-execution flaws in **Claude Desktop**'s official connectors. The issues were tied to **AppleScript command injection** and created a direct path to privileged execution on the host system.
Sources:
- The Real-World Attacks Behind OWASP Agentic AI Top 10 — www.bleepingcomputer.com — 29.12.2025 17:00
- Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection — www.infosecurity-magazine.com — 05.11.2025 12:30