Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
ID: 0b24eddd-a6a8-5dd3-90e4-36ef1a481578
STIX ID: report--0b24eddd-a6a8-5dd3-90e4-36ef1a481578
Feed Name: Check Point Research
**Executive Summary:** Check Point Research found critical configuration-based vulnerabilities in Anthropic's Claude Code. Malicious repository files (.claude/settings.json, .mcp.json and environment overrides) can run arbitrary commands and exfiltrate API keys before user consent, enabling remote code execution and workspace-wide compromise. Anthropic coordinated fixes and patched the issues prior to public disclosure.
