📦 Warp

A privilege escalation vulnerability in Cloudflare WARP for Windows allows low-privileged users to create symbolic links that cause the WARP service (running as SYSTEM) to delete arbitrary files when ...

The Cloudflare WARP client for Windows incorrectly assigns Unique Local IPv6 addresses instead of loopback addresses for DNS servers when connected over IPv6 networks. This allows attackers on the sam...

The Cloudflare WARP client for Windows had an insecure IPC Named Pipe that allowed unauthorized remote access. This enabled attackers to trigger WARP connection/disconnection commands and extract netw...

This vulnerability allows local attackers to escalate privileges by exploiting hardlink creation during the Cloudflare WARP client repair process. Attackers can forge hardlink destinations to overwrit...

CVE-2022-2225 allows non-admin users to bypass Cloudflare WARP's Zero Trust security policies by using warp-cli subcommands to disable network interfaces. This affects organizations using Cloudflare W...