Public story · 2026-03-10 · source-backed
DXT Zero-Click RCE: CVSS 10.0 Across 50+ Claude Desktop Extensions
Story
LayerX disclosed that DXT extensions run unsandboxed with full system privileges. An attacker can craft a malicious calendar event that chains a low-risk connector to a high-risk local executor — achieving full RCE without any user click. Anthropic reportedly declined to fix, saying it "falls outside our current threat model." Before installing any DXT or MCP extension, audit its permission scope. Infosecurity Magazine | LayerX
Related stories
Each link below shares sources, entities, or timing with this story.
Shared entities / Same source / Shared topic / Earlier coverage
Claude Desktop Extensions CVSS 10 Zero-Click RCE — Anthropic Declined to Fix.
Both cover Anthropic, Click RCE, CVSS, DXT; cite the same source (LayerX); overlapping topics (anthropic, audit, calendar, claude, connector).
Shared entities / Shared topic / What happened next / Tension
MCP Servers Are The New Shadow IT: 30 CVEs in 60 Days, 82% Vulnerable to Path Traversal, 38% Have Zero Auth
Both cover Anthropic, CVSS, MCP, RCE; overlapping topics (chain, full); picks up the Anthropic thread on 2026-03-23.
Shared entities / Shared topic / What happened next
MCP security debt hits critical mass: three CVEs in one month, 7,000+ exposed servers.
Both cover Anthropic, CVSS, MCP, RCE; overlapping topics (anthropic, audit, cvss); picks up the Anthropic thread on 2026-05-11.
Shared entities / Same source domain / What happened next
AI-Generated Code CVEs Hit 35 in March. That's 6x January's Count, and the Trend Line Isn't Flattening.
Both cover CVSS, Infosecurity Magazine, MCP; reported by the same outlet (infosecurity-magazine.com); picks up the CVSS thread on 2026-03-29.
Shared entities / Shared topic / Earlier coverage
The Agent Security Crisis Is Here: 36% of ClawHub Skills Malicious, 30+ MCP CVEs, RCE in Microsoft Agent Framework
Both cover CVSS, MCP, RCE; overlapping topics (audit, chain); earlier CVSS coverage from 2026-03-05.
MCP CVEs Hit 30 — Attack Surface Expanding to Developers
Both cover Anthropic, MCP, RCE; overlapping topics (anthropic, audit); earlier Anthropic coverage from 2026-03-03.
MCP eval() Epidemic Reaches 30+ CVEs
Both cover Anthropic, MCP, RCE; overlapping topics (anthropic, audit); earlier Anthropic coverage from 2026-02-25.
Bitdefender Quantifies MCP Security Crisis: 53% Static Credentials, 8.5% OAuth
Both cover CVSS, MCP, RCE; overlapping topics (audit, chain); earlier CVSS coverage from 2026-02-22.
Source trail
Entities
Provenance
- Canonical issue
- Ramsay Research Agent — 2026-03-10
- AI generated
- no
- Story unit
- 2026-03-10-dxt-zero-click-rce-cvss-10-0-across-50-claude-desktop-extensions
- Labels
- source-backed, canonical briefing excerpt