Preface: When a system has a design flaw without an assigned CVE identifier, the standard signatures in a Web Application Firewall (WAF) will not detect or block an exploit of it.
Why the WAF fails:
No Signature: WAFs rely on signatures of known vulnerabilities (CVEs) to block attacks.
Valid Traffic: Exploits targeting design flaws use legitimate application features and look like normal user behavior.
Logic-Based: Design flaws are errors in how the application is built, not coding bugs.
Background: In late March 2026, developers reverse-engineered Claude Code (Anthropic’s official CLI tool) and discovered two critical client-side caching vulnerabilities, causing token consumption to surge by 10–20 times per interaction. However, no CVE numbers were released this time.
Is this true? In late March 2026, members of the community reverse-engineered the Claude Code CLI tool and discovered significant client-side cache bugs that caused token consumption to increase by an estimated 10–20 times per interaction.
This incident, which occurred around March 23–31, 2026, resulted in widespread reports of paid users exhausting their usage limits within minutes rather than hours, with some users seeing 5-hour session windows drain in under 70 minutes.
No Official CVE: While the bug was acknowledged by Anthropic as a “top priority” investigation on March 31, it was handled as a product bug rather than a security CVE, causing significant frustration among developers.
Vulnerability details: In late March 2026, developers reverse-engineering Claude Code (Anthropic’s official CLI tool) discovered two major client-side cache bugs that caused token consumption to explode by 10–20× per interaction.
Remedy: To explicitly safeguard your code against token-inflation regressions and guarantee a 90% cost reduction via prompt caching, you must inject cache_control breakpoints directly into your tool array and message blocks. Please refer to the diagram for details.
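Added example (not code from the page or from Anthropic): a helper that places cache_control breakpoints on the tools array, the system prompt and the last message block of a Messages API request, plus a per-turn usage check that flags the kind of regression described above, where a conversation stops hitting the prompt cache and every turn is billed at full price. The model id is a placeholder and the usage figures are constructed sample data.

```python
"""Prompt-cache breakpoints plus a token-inflation regression check (added example)."""
from typing import Any

EPHEMERAL = {"cache_control": {"type": "ephemeral"}}
MAX_BREAKPOINTS = 4  # documented per-request limit of cache_control markers
MODEL_ID = "MODEL_ID_PLACEHOLDER"  # placeholder, not a real model name


def build_cached_request(system_prompt: str, tools: list[dict[str, Any]],
                         messages: list[dict[str, Any]]) -> dict[str, Any]:
    """Return a request body with breakpoints on the stable prefixes.

    A breakpoint caches everything before it: one on the *last* tool covers the
    whole tools array, one on the system block covers tools + system, and one on
    the last block of the final message covers the conversation so far.
    """
    tools = [dict(t) for t in tools]  # copies, so the caller's objects are untouched
    if tools:
        tools[-1] = {**tools[-1], **EPHEMERAL}
    system = [{"type": "text", "text": system_prompt, **EPHEMERAL}]
    msgs = [dict(m) for m in messages]
    if msgs:
        content = msgs[-1]["content"]
        if isinstance(content, str):  # normalise plain strings to block form
            content = [{"type": "text", "text": content}]
        content = [dict(b) for b in content]
        content[-1] = {**content[-1], **EPHEMERAL}
        msgs[-1] = {**msgs[-1], "content": content}
    body = {"model": MODEL_ID, "max_tokens": 1024, "system": system,
            "tools": tools, "messages": msgs}
    if count_breakpoints(body) > MAX_BREAKPOINTS:
        raise ValueError("too many cache_control breakpoints in one request")
    return body


def count_breakpoints(body: dict[str, Any]) -> int:
    """Count cache_control markers across tools, system and message blocks."""
    blocks = list(body.get("tools", [])) + list(body.get("system", []))
    for m in body.get("messages", []):
        if isinstance(m.get("content"), list):
            blocks.extend(m["content"])
    return sum("cache_control" in b for b in blocks)


def uncached_ratio(usage: dict[str, int]) -> float:
    """Fraction of prompt tokens billed at full price (written to or missing the cache)."""
    cached = usage.get("cache_read_input_tokens", 0)
    fresh = usage["input_tokens"] + usage.get("cache_creation_input_tokens", 0)
    return fresh / (fresh + cached) if fresh + cached else 0.0


def find_inflated_turns(usages: list[dict[str, int]], threshold: float = 0.5) -> list[int]:
    """Indexes of turns after the warm-up (turn 0) that mostly bypassed the cache."""
    return [i for i, u in enumerate(usages) if i > 0 and uncached_ratio(u) > threshold]


SAMPLE_USAGE = [  # constructed: turn 0 warms the cache, turn 2 shows the regression
    {"input_tokens": 40, "cache_creation_input_tokens": 12000, "cache_read_input_tokens": 0},
    {"input_tokens": 55, "cache_creation_input_tokens": 0, "cache_read_input_tokens": 12000},
    {"input_tokens": 60, "cache_creation_input_tokens": 12055, "cache_read_input_tokens": 0},
    {"input_tokens": 48, "cache_creation_input_tokens": 0, "cache_read_input_tokens": 12115},
]
```

Run find_inflated_turns over the usage objects your own client logs per turn; any turn reported after the first is a cache miss on a prefix that should have been stable, which is exactly the symptom the page attributes to the client-side cache bugs.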