Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-61

CWE-61

High likelihood

UNIX Symbolic Link (Symlink) Following

Parent: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

125 vulnerabilities with CWE-61

CVE-2026-7397 MEDIUM

NousResearch hermes-agent file_tools.py _check_sensitive_path symlink

CVE-2026-41326 HIGH

Kata Containers: CopyFile Policy Subversion via Symlinks

CVE-2026-35372 MEDIUM

uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag

CVE-2026-39861 CRITICAL

Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace

CVE-2026-28684 MEDIUM

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

CVE-2026-40354 LOW

Flatpak xdg-desktop-portal <1.20.4 - Privilege Escalation

CVE-2026-35632 HIGH

OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update

CVE-2026-21916 HIGH

Junos OS: A low privileged user can escalate their privileges so that they can login as root

CVE-2026-39860 CRITICAL

Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

CVE-2026-35525 HIGH

LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates

CVE-2026-34078 CRITICAL

Flatpak has a complete sandbox escape leading to host file access and code execution in the host context

CVE-2026-34447 MEDIUM

ONNX: External Data Symlink Traversal

CVE-2026-34446 MEDIUM

ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load

CVE-2026-27489 HIGH

ONNX: Path Traversal via Symlink

CVE-2026-22767 HIGH

Dell AppSync 4.6.0 - Symlink Following

CVE-2026-33711 HIGH

Incus vulnerable to local privilege escalation through VM screenshot path

CVE-2026-20694 MEDIUM

Apple Ios And Ipados < 26.3 - Denial of Service

CVE-2026-33056 MEDIUM

tar-rs: unpack_in can chmod arbitrary directories by following symlinks

CVE-2026-24018 HIGH

FortiClientLinux 7.2.2-7.4.4 - Privilege Escalation

CVE-2026-27976 HIGH

Zed <0.224.4 - Path Traversal

CVE-2026-27485 MEDIUM

OpenClaw <=2026.2.17 - Info Disclosure

CVE-2026-25724 HIGH

Claude Code <2.1.7 - Info Disclosure

CVE-2026-1386 MEDIUM

Firecracker <1.13.2-1.14.1 - Privilege Escalation

CVE-2026-24047 MEDIUM

Backstage <0.1.17 - Path Traversal

CVE-2026-23986 HIGH

Copier <9.11.2 - Path Traversal

Page 1 of 5 Next

Details

Vulnerabilities 125

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy