Vulnerability in Claude Desktop Extensions 0-Click A fundamental architectural flaw in the way Large Language Models (LLMs) handle trust boundaries has been revealed by a new critical vulnerability found by security research firm LayerX This article explores impacted vulnerability layerx. . With just a maliciously created Google Calendar event, an attacker can compromise a system thanks to the zero-click remote code execution (RCE) vulnerability in Claude Desktop Extensions (DXT).

Over 10,000 active users and more than 50 DXT extensions are impacted by the vulnerability, which LayerX has given a CVSS score of 10/10. It draws attention to a risky weakness in the Model Context Protocol (MCP) ecosystem: AI agents' capacity to automatically link low-risk data sources to high-privilege execution tools without user permission. The Claude Desktop Extensions architecture is the root of the problem.

LayerX recommends that MCP connectors be regarded as dangerous for security-sensitive systems until a patch or architectural modification is applied. If users also use connectors that ingest external, untrusted data, such as calendars or emails, the research team advises them to disconnect high-privilege local extensions. The attack surface has changed as AI agents transition from chatbots to active OS assistants.

As a warning, this zero-click remote code execution (RCE) exposes us to data manipulation by allowing AI agents access to our digital lives. There are serious security risks associated with the ease of letting AI handle tasks.