Infosecurity-Magazine
Zero-Click RCE Vulnerability Discovered in Claude Desktop Extensions
First seen 9 Feb 2026, 23:30 UTC
•



+13
•81% similarity
•35.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A zero-click remote code execution (RCE) vulnerability has been identified in Claude Desktop Extensions, allowing attackers to compromise systems through a single Google Calendar event. This flaw affects over 10,000 users and 50 extensions, as the extensions operate with full system privileges. LayerX reported the vulnerability on February 9, 2026, but Anthropic has declined to issue a fix.
ThreatCluster AI
Timeline
2025-07-03
Vulnerabilities reported through Anthropic's HackerOne program
2025-11-05
Koi Security finds prompt injection vulnerabilities in Claude extensions
2026-02-09
LayerX reports zero-click RCE vulnerability in Claude Desktop Extensions