Weaknesses of type CWE-59
629 resultsCVE-2025-4211HIGHImproper Link Resolution Before File Access in QFileSystemEngine on WindowsEPSS 0.2%CVE-2023-6335MEDIUMImproper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled FileEPSS 0.2%CVE-2026-6959MEDIUMNomad vulnerable to arbitrary file read/write on client host through symlink attackEPSS 0.2%CVE-2025-15328MEDIUMTanium addressed an improper link resolution before file access vulnerability in Enforce.EPSS 0.2%CVE-2025-1697MEDIUMHP Touchpoint Analytics Service – Potential Escalation of PrivilegeEPSS 0.2%CVE-2026-44711HIGHpam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruptionEPSS 0.2%CVE-2023-6336HIGHImproper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled FilenaEPSS 0.2%CVE-2024-54554MEDIUMThis issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitiEPSS 0.2%CVE-2026-25906HIGHDell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privEPSS 0.2%CVE-2025-62363HIGHyt-grabber-tui allows arbitrary code execution via configurable yt-dlp pathEPSS 0.2%CVE-2026-23893MEDIUMopenCryptoki has improper link resolution before file access (link following)EPSS 0.2%CVE-2026-35365MEDIUMuutils coreutils mv Denial of Service and Data Duplication via Improper Symlink ExpansionEPSS 0.2%CVE-2025-52936CRITICALImproper Link Resolution Before File Access vulnerability in yrutschle/sslhEPSS 0.2%CVE-2026-44220LOWciguard: discover_pipeline_files follows symlinks out of scan rootEPSS 0.2%CVE-2026-55443MEDIUMLangChain: Path traversal and sandbox escape in LangChain file-search middleware and loadersEPSS 0.2%CVE-2026-8784MEDIUMnpitre cramfs-tools cramfsck.c change_file_status symlinkEPSS 0.2%CVE-2026-44470HIGHClaude Desktop: Local Privilege Escalation via Directory Junction in CoworkVMServiceEPSS 0.2%CVE-2025-15324MEDIUMTanium addressed a local privilege escalation vulnerability in Engage.EPSS 0.2%CVE-2025-43288MEDIUMThis issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be ableEPSS 0.2%CVE-2025-30641HIGHA link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker toEPSS 0.2%