CVE-2026-44470
7.8 HIGH
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side
Published: 2026-05-13 · Last updated: 2026-06-02
Severity and scoring
- CVSS: 7.8 HIGH
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE: CWE-269, CWE-59
Affected products
| Vendor | Product |
|---|---|
| anthropic | claude_desktop |
Description
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NTFS directory junction before creating files within it. A local non-elevated user could replace the user-writable VM bundle directory with a directory junction pointing to an attacker-chosen location, causing the service to create a SYSTEM-owned file in an arbitrary directory. This could be leveraged for local privilege escalation. This vulnerability is fixed in 1.3834.0.
Source: NVD
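A defender-side check for the condition the description names, as an added example that is not the vendor's code or its fix: it walks from an administrator-only root down to a target path and reports the first component that is a symlink or NTFS reparse point. The function names, the constructed directory layout and the symlink used as a stand-in for a junction in `demo()` are assumptions; the page does not give the real VM bundle path.

```python
import os
import stat
import tempfile

# FILE_ATTRIBUTE_REPARSE_POINT: set on NTFS junctions and symlinks.
REPARSE_POINT = 0x400

def is_link(path):
    """True if path itself is a symlink or NTFS reparse point (not followed)."""
    st = os.lstat(path)
    attrs = getattr(st, "st_file_attributes", 0)  # 0 on non-Windows platforms
    return stat.S_ISLNK(st.st_mode) or bool(attrs & REPARSE_POINT)

def find_redirects(trusted_root, target):
    """Return the first component between trusted_root and target that is a link.

    Assumption: trusted_root is writable only by administrators; components
    below it may be user-controlled and are inspected without following links.
    """
    root = os.path.abspath(trusted_root)
    full = os.path.abspath(target)
    if os.path.commonpath([root, full]) != root:
        raise ValueError("target is not under trusted_root")
    flagged, current = [], root
    for part in os.path.relpath(full, root).split(os.sep):
        current = os.path.join(current, part)
        if not os.path.lexists(current):
            break  # nothing on disk yet, so nothing to redirect
        if is_link(current):
            flagged.append(current)
            break  # everything past a link resolves elsewhere
    return flagged

def demo():
    """Constructed layout: a real 'bundle' directory, then the same name as a link."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = os.path.realpath(tmp)
        bundle = os.path.join(tmp, "user", "bundle")
        os.makedirs(bundle)
        before = find_redirects(tmp, os.path.join(bundle, "disk.img"))
        os.rmdir(bundle)
        elsewhere = os.path.join(tmp, "elsewhere")
        os.mkdir(elsewhere)
        os.symlink(elsewhere, bundle, target_is_directory=True)
        after = find_redirects(tmp, os.path.join(bundle, "disk.img"))
        return before, [os.path.relpath(p, tmp) for p in after]

if __name__ == "__main__":
    print(demo())
```

A check like this is useful for auditing a host, but checking and then creating the file leaves a race window. A privileged service should open the directory without following reparse points and create files relative to that handle.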
Related CVEs
Same vendor
- CVE-2026-44467 — The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side (6.8 MEDIUM)
Same CWE
- CVE-2026-12018 — Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level pri... (8.8 HIGH)
- CVE-2026-45176 — Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components
- CVE-2025-46293 — This issue was addressed with improved handling of symlinks (5.5 MEDIUM)
- CVE-2025-31272 — The issue was addressed with improved checks (7.8 HIGH)
- CVE-2026-45384 — bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files (6.1 MEDIUM)