What is CVE-2026-21852?

CVE-2026-21852 is a vulnerability in Anthropics Claude-code, classified under Insufficiently Protected Credentials. Published 2026-01-21.

Is CVE-2026-21852 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Anthropics Claude-code

CVE-2026-21852

Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-contr…

EPSS: 0.000 (10.2th percentile) — read the EPSS interpretation.

Affected products

Anthropics Claude-code — versions < 2.0.65

Weakness classification (CWE)

CWE-522 — Insufficiently Protected Credentials

Public proof-of-concept exploits

atiilla/CVE-2026-21852-PoC
TreRB/ai-ide-config-guard
M0broot/CVE-Archive

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-jh7p-qr78-84p7 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-21852?: CVE-2026-21852 is a vulnerability in Anthropics Claude-code, classified under Insufficiently Protected Credentials. Published 2026-01-21.
Is CVE-2026-21852 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.