Claude Code, Domain Validation Bypass, High Severity

Listen to this Post

The vulnerability in Claude Code arises from flawed domain validation in the WebFetch request mechanism. The application maintains a list of trusted domains, such as docs.python.org and modelcontextprotocol.io, to restrict automatic requests. Validation is performed using a `startsWith()` string comparison function on user-provided URLs. This method only checks if the input URL begins with a trusted domain string. Consequently, an attacker can register a malicious domain with a name that starts with a trusted domain string. For example, a domain like `modelcontextprotocol.io.example.com` would pass the `startsWith(“modelcontextprotocol.io”)` check. This allows the attacker to trick the application into making automatic HTTP requests to a domain they control. The request is made without user consent or interaction. This bypass can lead to data exfiltration, as the application may send sensitive information or authentication tokens in these automated requests. The vulnerability exploits the improper substring matching instead of a full hostname or origin validation.
Platform: Claude Code
Version: latest version
Vulnerability: Domain Validation Bypass
Severity: High
date: Feb 3 2026

Prediction: Patched Feb 3 2026

What Undercode Say:

Analytics

!/bin/bash

Simulating domain check bypass

trusted=”modelcontextprotocol.io”

url=”https://modelcontextprotocol.io.attacker.com”

if [[ $url == $trusted ]]; then

echo “Validation passed – vulnerable to bypass”

fi

Code snippet showing vulnerable pattern

if (url.startsWith(“https://docs.python.org”)) {

fetch(url); // Trusted fetch

}

How Exploit:

Register deceptive domain matching trusted prefix. Trick application into making autofetch requests to attacker server. Intercept sensitive data or tokens.

Protection from this CVE

Update to patched version. Implement full origin validation. Use allowlist with exact host matching.

Impact:

Data exfiltration. Unauthorized automatic requests.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top