Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code execution if a malicious DLL is planted alongside the installer.
AnalysisAI
DLL search-order hijacking in Anthropic Claude for Windows installer (Claude Setup.exe) versions before 1.1.3363 enables local privilege escalation to system context. An attacker with low privileges and physical or local access can plant a malicious DLL (such as profapi.dll) in the installer directory; when an elevated user runs the installer, the uncontrolled search path causes the malicious DLL to be loaded and executed with system privileges, achieving arbitrary code execution. No public exploit code or active exploitation has been confirmed at the time of analysis.
Technical ContextAI
This vulnerability exploits a fundamental Windows DLL loading mechanism weakness. When an application is executed with elevated privileges (via UAC), Windows searches for dependencies first in the application's own directory before checking system directories. The Claude Setup.exe installer fails to use absolute paths or safe loading mechanisms (such as SetDllDirectory or manifests) when loading system DLLs like profapi.dll. An attacker can pre-stage a malicious DLL with the same name in the installer's directory; when UAC-elevated code executes, it loads the attacker's DLL instead of the legitimate system library. The affected product is Anthropic Claude Desktop for Windows (CPE: cpe:2.3:a:anthropic:claude_desktop_-_windows:*:*:*:*:*:*:*:*), specifically versions prior to 1.1.3363. This class of vulnerability (CWE category: improper control of search path elements) is well-documented in Windows security literature and remains a persistent privilege escalation vector.
RemediationAI
Users and administrators should upgrade to Claude Desktop for Windows version 1.1.3363 or later, which remediates the DLL search-order hijacking vulnerability. The fix eliminates uncontrolled loading of system DLLs from the installer directory. In the interim, users should avoid running the installer from untrusted or shared directories, and system administrators can restrict write permissions to installer directories to prevent malicious DLL placement. For detailed guidance, refer to Anthropic's official security advisory at https://trust.anthropic.com/resources?s=1cvig6ldp3zvuj1yffzr11&name=cve-2026-22561-dll-search-order-hijacking-in-claude-for-windows-installer.
Same weakness CWE-427 – Uncontrolled Search Path Element
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17476
GHSA-3c2p-6j48-gmm4