Claude Code CLI RCE via Malicious Deeplinks Prompted Quick Patch (2.1.118)

May 18, 2026 at 01:54 PM

•

1 min read

Claude Code CLI RCE via Malicious Deeplinks Prompted Quick Patch (2.1.118) — Photo: CyberSecurityNews

TL;DR Summary

A critical remote code execution vulnerability in Anthropic’s Claude Code CLI allowed attackers to execute arbitrary commands through crafted deeplinks. The flaw came from a context-blind argument parser that treated --settings overrides found inside a deeplink’s q parameter as legitimate, enabling injection of a SessionStart hook at startup. Anthropic released a fix in Claude Code 2.1.118 and urged users to update; the issue highlights the risks of eager CLI parsing and deeplink handling.

Topics:technology #claude-code #cli #cyber-security-news #deeplink #rce #security-patch

Share this article

Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks CyberSecurityNews
Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses VentureBeat
Anthropic faces scrutiny over Claude's architectural flaws after multiple security disclosures in May 2026 Crypto Briefing
Claude Code MCP Attack Enables Persistent Token Theft eSecurity Planet
Claude Chrome Extension Flaw Lets Malicious Extensions Steal Gmail and Google Drive Data cyberpress.org

Reading Insights

Total Reads

Unique Readers

Time Saved

56 min

vs 57 min read

Condensed

99%

11,314 → 73 words

Want the full story? Read the original article

Read on CyberSecurityNews

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights