CWE-59
Link Following
MITRE: No catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
Showing 33 of 33
- CVE-2026-54230 · High · 7.0 · 7 h ago
A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, th
- CVE-2026-54056 · High · 7.6 · EPSS 0% · 13 h ago
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, `kitten dnd` can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote `text/uri-list` dr
- CVE-2026-54055 · Medium · 5.0 · EPSS 0% · 14 h ago
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on
- CVE-2019-1064 · High · 7.8 · KEV · EPSS 12% · 17 h ago
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
- CVE-2019-1253 · High · 7.8 · KEV · EXPLOIT · EPSS 28% · 17 h ago
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
- CVE-2022-30333 · High · 7.5 · KEV · EXPLOIT · EPSS 93% · 17 h ago
RARLAB UnRAR Directory Traversal Vulnerability
- CVE-2020-0787 · High · 7.8 · KEV · EXPLOIT · EPSS 59% · 17 h ago
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
- CVE-2020-36193 · High · 7.5 · KEV · EPSS 71% · 17 h ago
PEAR Archive_Tar Improper Link Resolution Vulnerability
- CVE-2026-41091 · High · 7.8 · KEV · EPSS 8% · 17 h ago
Microsoft Defender Link Following Vulnerability
- CVE-2025-60710 · High · 7.8 · KEV · EPSS 19% · 17 h ago
Microsoft Windows Link Following Vulnerability
- CVE-2025-21391 · High · 7.1 · KEV · EPSS 5% · 17 h ago
Microsoft Windows Storage Link Following Vulnerability
- CVE-2019-1315 · High · 7.8 · KEV · EPSS 8% · 17 h ago
Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability
- CVE-2025-48384 · High · 8.0 · KEV · EPSS 1% · 17 h ago
Git Link Following Vulnerability
- CVE-2019-1129 · High · 7.8 · KEV · EPSS 2% · 17 h ago
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
- CVE-2023-36874 · High · 7.8 · KEV · EXPLOIT · EPSS 70% · 17 h ago
Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability
- CVE-2019-0841 · High · 7.8 · KEV · EXPLOIT · EPSS 83% · 17 h ago
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
- CVE-2019-1385 · High · 7.8 · KEV · EPSS 0% · 17 h ago
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
- CVE-2019-1069 · High · 7.8 · KEV · EPSS 33% · 17 h ago
Microsoft Task Scheduler Privilege Escalation Vulnerability
- CVE-2019-1130 · High · 7.8 · KEV · EPSS 2% · 17 h ago
Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability
- CVE-2025-46293 · Medium · 5.5 · EPSS 0% · 21 h ago
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
- CVE-2026-42989 · High · 7.8 · EPSS 0% · 1 d ago
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
- CVE-2026-45384 · Medium · 6.1 · EPSS 0% · 1 d ago
bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive up
- CVE-2026-45586 · High · 7.8 · EPSS 0% · 1 d ago
Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.
- CVE-2026-11853 · Medium · 6.5 · EPSS 0% · 2 d ago
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages (.dsc) and upload artifacts (.changes) are manifest files that name the files that make up the artifact. The parser use
- CVE-2026-11837 · High · 7.3 · EPSS 0% · 2 d ago
A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing SSH authorized keys. An
- CVE-2026-53476 · Critical · 9.6 · EPSS 0% · 2 d ago
A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass s
- CVE-2026-45491 · Medium · 6.2 · EPSS 0% · 3 d ago
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
- CVE-2026-50511 · High · 7.8 · EPSS 0% · 3 d ago
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
- CVE-2026-44275 · Medium · 6.3 · EPSS 0% · 3 d ago
Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, le
- CVE-2026-28262 · Medium · 6.0 · EPSS 0% · 3 d ago
Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Inf
- CVE-2026-41236 · High · 8.8 · EPSS 0% · 4 d ago
Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to `~/.ssh/authoriz
- CVE-2026-5161 · High · 8.8 · EPSS 0% · 7 d ago
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2.
- CVE-2026-11322 · Medium · 6.5 · EPSS 0% · 7 d ago
Hermes WebUI prior to v0.51.221 contains a path traversal vulnerability that allows attackers to escape the workspace boundary by supplying symlinks that resolve to files or directories outside the designated workspace root. Attackers can e
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.