CWE-61: CWE-61

This vulnerability in Codex CLI allows attackers to overwrite arbitrary files and potentially achieve remote code execution when the tool is used in w...

This vulnerability in 360 Total Security Antivirus allows attackers to escalate privileges by exploiting symbolic link following to delete arbitrary f...

This vulnerability in Static Web Server (SWS) allows attackers who can create files in the web root directory to create symbolic links that escape the...

This vulnerability in @npmcli/arborist allows attackers to write arbitrary files to any location on case-insensitive filesystems by exploiting case-se...

CVE-2025-10854 is a path traversal vulnerability in the txtai framework that allows arbitrary file write via malicious tar files containing symbolic l...

This vulnerability allows authenticated Plesk users with domain management permissions to execute arbitrary code with root privileges during domain cr...

This vulnerability in runc allows attackers to bypass container isolation by exploiting insufficient verification of bind-mount sources when using /de...

Dell Encryption Admin Utilities versions before 11.10.2 contain an improper link resolution vulnerability (CWE-61) that allows local malicious users t...

Dell Inventory Collector Client versions before 12.7.0 have a path traversal vulnerability where low-privilege local attackers can exploit improper li...

This CVE describes a local privilege escalation vulnerability in arpwatch on SUSE Linux systems. Attackers with control of the runtime user can create...

The Private Tunnel installer for macOS versions 3.0.1 and older contains a symlink vulnerability that allows attackers to corrupt critical system file...

This vulnerability allows authenticated users (admin privileges not required) to perform Local File Inclusion (LFI) attacks on pwn.college CTFd contai...

CVE-2026-25724 is a symbolic link bypass vulnerability in Claude Code that allows reading files explicitly denied in settings.json. Attackers could ac...

This CVE-2025-52881 vulnerability in runc allows attackers to redirect writes to /proc filesystem to other locations through race conditions with shar...

A vulnerability in runc allows attackers to bypass container isolation by tricking the system into bind-mounting sensitive read-only or masked paths t...

This vulnerability in QSAN Storage Manager's share_link function allows remote attackers to create symbolic links and access arbitrary files on the sy...

This vulnerability in ZSATrayManager allows unprivileged users to delete arbitrary files by exploiting inadequate protection of temporary encrypted ZA...

CVE-2026-23986 is a path traversal vulnerability in Copier project template tool that allows malicious templates to write files outside the intended d...

This vulnerability allows an attacker with unprivileged access to a macOS system running TeamViewer Remote Client to potentially elevate privileges or...

This vulnerability in Youki container runtime allows attackers to escape container isolation and access the host filesystem when /proc and /sys in the...

Dell SupportAssist OS Recovery versions before 5.5.13.1 contain a symbolic link attack vulnerability that allows local low-privileged attackers to del...

This vulnerability in AWS SAM CLI allows attackers to access privileged host files when building with Docker if symlinks are present in build files. T...

Dell Client Platform Firmware Update Utility has an Improper Link Resolution vulnerability (CWE-61) that allows a high-privileged attacker with local ...

A UNIX symbolic link following vulnerability in FutureNet NXR, VXR, and WXR series routers allows logged-in administrative users to access or destroy ...

A UNIX symbolic link following vulnerability in Firecracker's jailer component allows local host users with write access to pre-created jailer directo...

Dell PowerScale OneFS contains a UNIX symbolic link following vulnerability that allows local high-privileged attackers to manipulate symbolic links t...

This vulnerability in Copier allows safe templates to include arbitrary files/directories outside the local template clone location using symlinks wit...

This vulnerability allows authenticated local attackers to read arbitrary files on disk through improper symbolic link handling in Ivanti secure acces...

This vulnerability allows attackers to overwrite arbitrary files during recovery operations due to improper symbolic link handling in Acronis backup p...

This vulnerability allows a malicious app to bypass macOS symlink validation and access protected user data. It affects macOS systems before Sonoma 14...

This vulnerability in Zoom macOS installers allows authenticated users to escalate privileges via symlink attacks when network access is available. It...

This vulnerability allows authenticated local attackers with remote support accounts to overwrite arbitrary files on Cisco TelePresence CE and RoomOS ...

This vulnerability in aiohttp allows attackers to perform path traversal attacks when static routes contain compressed file variants (.gz or .br) that...

This vulnerability in SingularityCE and SingularityPRO container platforms allows attackers to bypass Linux Security Module (LSM) restrictions under s...

This vulnerability in Apptainer allows containers to bypass AppArmor and SELinux security restrictions when using the --security option. It affects un...

OpenClaw versions 2026.2.17 and below have a symlink vulnerability in the skill packaging script that allows local file inclusion when building .skill...

Dell AppSync version 4.6.0.x contains a symbolic link following vulnerability that allows local low-privileged attackers to tamper with files by manip...

This vulnerability allows authenticated local attackers with remote support accounts to overwrite arbitrary files on Cisco TelePresence CE and RoomOS ...

Open OnDemand HPC portal versions before 4.0.8 and 3.1.16 contain a TOCTOU vulnerability in zip file downloads that could allow authenticated users to...

This vulnerability in Forgejo allows attackers to write to unintended files through mishandling of symlink destinations in template repositories. Atta...

A UNIX symbolic link following vulnerability in logrotate configuration for the exim mail transfer agent allows local privilege escalation from mail u...