Anthropic’s Claude Code Flaw Steals API Keys
Security researchers have uncovered a significant flaw in Anthropic’s Claude Code that allows remote code execution and API key theft when users access untrusted repositories. The Check Point Research team identified critical vulnerabilities, CVE-2025-59536 and CVE-2026-21852, that let attackers abuse features in Claude Code for malicious purposes. Through project-level configuration files, an attacker can trigger arbitrary shell commands and redirect authenticated API traffic once a user merely clones and opens a compromised repository.
The flaws put enterprise cloud environments at risk, potentially impacting shared workspaces. Attackers can manipulate multiple API keys, leading to unauthorized access to shared data and possible financial liabilities. Claude Code’s inappropriate handling of executable logic within configuration files poses a new AI supply chain threat and underscores how cybersecurity needs are evolving.
Anthropic has responded by adjusting trust procedures, limiting external executions, and ensuring API calls require user authorization.
For a deeper dive into this issue, read the full article at: https://securityaffairs.com/188508/security/untrusted-repositories-turn-claude-code-into-an-attack-vector.html
