Fallos del tipo CWE-61
144 resultadosCVE-2026-34446MEDIUMONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX loadEPSS 0.2%CVE-2024-52537MEDIUMDell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local accesEPSS 0.2%CVE-2024-52542MEDIUMDell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could EPSS 0.2%CVE-2025-22480HIGHDell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with localEPSS 0.2%CVE-2026-22767HIGHDell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local accEPSS 0.2%CVE-2025-1079HIGHRCE In Google Web DesignerEPSS 0.2%CVE-2025-54867HIGHYouki Symlink Following VulnerabilityEPSS 0.2%CVE-2026-8784MEDIUMnpitre cramfs-tools cramfsck.c change_file_status symlinkEPSS 0.2%CVE-2025-53881MEDIUMSUSE-specific logrotate configuration allows escalation from mail user/group to rootEPSS 0.2%CVE-2023-39246MEDIUM
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure OEPSS 0.2%CVE-2025-43278MEDIUMThis issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protectEPSS 0.2%CVE-2025-46810HIGHA UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate EPSS 0.1%CVE-2026-12958HIGHArbitrary file write in Language Servers for AWSEPSS 0.1%CVE-2026-35372MEDIUMuutils coreutils ln Security Bypass via Improper Handling of the --no-dereference FlagEPSS 0.1%CVE-2026-7397MEDIUMNousResearch hermes-agent file_tools.py _check_sensitive_path symlinkEPSS 0.1%CVE-2026-7832HIGHIObit Advanced SystemCare Service ASC.exe symlinkEPSS 0.1%CVE-2026-56815HIGHpwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/HomEPSS 0.1%CVE-2025-64750MEDIUMSingluarity ineffectively applies of selinux / apparmor LSM process labelsEPSS 0.1%CVE-2026-21916HIGHJunos OS: A low privileged user can escalate their privileges so that they can login as rootEPSS 0.1%CVE-2026-40354LOWFlatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlinkEPSS 0.1%