Critical Vulnerability in Claude Chrome Extension Allows Hijacking by Malicious Extensions

Severity: High (Score: 69.8)

Sources: Csoonline, Letsdatascience, layerxsecurity.com, Cyberscoop

Summary

LayerX Security discovered a severe vulnerability in Anthropic's Claude Chrome extension, allowing any other extension to hijack it without special permissions. The flaw, dubbed 'ClaudeBleed,' enables malicious scripts to execute commands, exfiltrate sensitive data, and manipulate user actions across services like Google Drive and Gmail. Despite a partial fix issued by Anthropic on May 6, 2026, the vulnerability remains exploitable due to inadequate security measures. The issue arises from a trust boundary violation in the extension's code, which permits arbitrary scripts to communicate with Claude's language model. Researchers demonstrated the exploit by accessing private files and sending unauthorized emails. This incident illustrates the risks associated with overly permissive browser extensions in AI applications. Security experts emphasize the need for improved monitoring and defenses against such vulnerabilities.

Key Points:

  • The vulnerability allows any Chrome extension to hijack Claude's capabilities.
  • Malicious scripts can exfiltrate data from Google services without user interaction.
  • Anthropic's partial fix does not fully address the underlying security issues.

Key Entities

  • Data Breach (attack_type)
  • Data Exfiltration (attack_type)
  • Zero-day Exploit (attack_type)
  • Anthropic (company)
  • Koi.ai (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-287 - Improper Authentication (cwe)
  • CWE-79 - Cross-site Scripting (XSS) (cwe)
  • CWE-862 - Missing Authorization (cwe)
  • claude.ai (domain)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1059 - Command and Scripting Interpreter (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • T1574 - Hijack Execution Flow (mitre_attack)
  • Chrome (tool)
  • Claude AI (tool)
  • Gmail (tool)
  • Google Chrome (tool)
  • Google Drive (tool)
  • Chrome Extension (platform)
  • GitHub (platform)
  • ClaudeBleed (vulnerability)
  • ShadowPrompt (vulnerability)