CVE-2025-59536

This repository contains functional exploit code demonstrating CVE-2026-21852, an API key exfiltration vulnerability in Anthropic's Claude Code CLI tool. The PoC includes a MITM proxy to capture API keys and a scanner to detect vulnerable configurations.

This repository contains a static analysis tool designed to scan for malicious AI-IDE configuration files that could lead to RCE, credential theft, or persistent compromise. It checks for various attack vectors such as Claude Code hooks, Unicode smuggling in rules files, MCP auto-registration, and API base-URL redirection.

The repository claims to exploit CVE-2025-59536 but lacks actual exploit code, instead redirecting users to an external download link (tinyurl.com). The README provides minimal technical details and reads like a generic vulnerability summary.

The repository provides a detailed technical analysis of CVE-2025-59536, focusing on the root cause (lack of cryptographic authentication in AI instruction execution) and proposing a quantum-based solution (Aether Protocol) to mitigate such vulnerabilities. It includes architectural details, security properties, and real-world deployment metrics.

This PoC demonstrates a UI/UX flaw in Anthropic's Claude Code where an attacker-controlled MCP server can misrepresent tool parameters in confirmation prompts, leading users to approve benign actions while executing malicious commands. The provided server.py file contains functional exploit code that simulates this behavior.