Versions of the Claude Chrome extension below 1.41 contain a high-risk message injection vulnerability and must be upgraded immediately.

MarsBit
03-27
According to a report by Koi cited by GoPlus, Anthropic's Claude Chrome extension contains a high-risk message injection vulnerability affecting all versions below 1.41. An attacker can build a malicious web page that silently loads, in the background, an iframe pointing at a page on the a-cdn.claude.ai subdomain that has a cross-site scripting (XSS) flaw, and then execute a payload inside that subdomain's origin. Because the subdomain is on the extension's trusted whitelist, the payload can send messages straight to the Claude extension, which executes them automatically, with no user authorization or click, so the victim notices nothing. Through this channel an attacker could drive the extension to read the user's Google Drive documents, steal business access tokens, or export chat logs, and could also take over the current browser session to perform sensitive actions such as sending emails in the victim's name. GoPlus recommends that users update the Claude extension to version 1.41 or higher immediately and stay wary of phishing links.
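The report's root cause is a trusted-origin whitelist combined with a message handler that acts on whatever a whitelisted origin sends. As an added illustration (not Anthropic's extension code, and not a description of how the real extension is built), the gate below shows the defensive checks a Chrome extension's external-message listener can apply: an exact-origin allowlist rather than wildcard subdomains, rejection of messages from framed documents, a closed set of known actions, and a user-confirmation requirement for sensitive ones. The origin list, action names and `userConfirmed` flag are assumptions for the example.

```javascript
// Added example: hardened gate for chrome.runtime.onMessageExternal messages.
// Not code from the Claude extension; origins and action names are assumed.

// Exact origins only. A wildcard such as "*.claude.ai" would also admit a
// CDN subdomain, which is the trust boundary the report describes.
const ALLOWED_ORIGINS = new Set(["https://claude.ai"]);

// Actions that must never run without an explicit user decision.
const SENSITIVE_ACTIONS = new Set(["readDrive", "readToken", "exportChats", "sendEmail"]);
const KNOWN_ACTIONS = new Set(["ping", "openChat", ...SENSITIVE_ACTIONS]);

function originOf(url) {
  try { return new URL(url).origin; } catch { return null; }
}

// sender mirrors chrome.runtime.MessageSender (origin, url, frameId).
// userConfirmed is assumed to come from an extension-owned UI prompt.
function gateExternalMessage(sender, message, userConfirmed = false) {
  const origin = sender.origin ?? originOf(sender.url ?? "");
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    return { allowed: false, reason: "origin-not-allowlisted" };
  }
  // A payload running inside a background iframe arrives from a child frame;
  // a top-level document reports frameId 0 when the field is present.
  if (sender.frameId !== undefined && sender.frameId !== 0) {
    return { allowed: false, reason: "framed-sender" };
  }
  if (!message || typeof message.action !== "string" || !KNOWN_ACTIONS.has(message.action)) {
    return { allowed: false, reason: "unknown-action" };
  }
  if (SENSITIVE_ACTIONS.has(message.action) && !userConfirmed) {
    return { allowed: false, reason: "needs-user-confirmation" };
  }
  return { allowed: true, action: message.action };
}

// Wiring for a real extension; skipped when run outside Chrome (e.g. Node).
if (typeof chrome !== "undefined" && chrome.runtime && chrome.runtime.onMessageExternal) {
  chrome.runtime.onMessageExternal.addListener((message, sender, sendResponse) => {
    sendResponse(gateExternalMessage(sender, message, false));
  });
}

module.exports = { gateExternalMessage, ALLOWED_ORIGINS, SENSITIVE_ACTIONS };
```

With this gate, a message from a-cdn.claude.ai is refused on origin alone, and even a whitelisted top-level page cannot trigger a Drive read or chat export without the user saying yes.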
