Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-61

CWE-61

High likelihood

UNIX Symbolic Link (Symlink) Following

Parent: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

138 vulnerabilities with CWE-61

CVE-2026-54420 HIGH KEV

Litespeed Technologies cPanel Plugin < 2.4.8 - UNIX Symbolic Link (Symlink) Following

CVE-2026-42306 HIGH

Moby: Race condition in docker cp allows bind mount redirection to host path

CVE-2026-5223 MEDIUM

Crates in third party registries can override the cached source of other crates

CVE-2026-8784 MEDIUM

npitre cramfs-tools cramfsck.c change_file_status symlink

CVE-2026-41937 HIGH

Vvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload

CVE-2026-6475 HIGH

PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

CVE-2026-7819 HIGH

pgAdmin 4: Symbolic-link path traversal in File Manager allows arbitrary file write

CVE-2026-29203 HIGH

cPanel 11.86.0.0-11.136.0.8 - Authenticated Local Privilege Escalation via Symlink Following

CVE-2026-42275 HIGH

zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write

CVE-2026-31893 MEDIUM

Tunnelblick arbitrary file read via symlink following in tunnelblickd

CVE-2026-7832 HIGH

IObit Advanced SystemCare Service ASC.exe symlink

CVE-2026-43570 MEDIUM

OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling

CVE-2026-7397 MEDIUM

NousResearch hermes-agent file_tools.py _check_sensitive_path symlink

CVE-2026-41326 HIGH

Kata Containers: CopyFile Policy Subversion via Symlinks

CVE-2026-35372 MEDIUM

uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag

CVE-2026-39861 CRITICAL

Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace

CVE-2026-28684 MEDIUM

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

CVE-2026-40354 LOW

Flatpak xdg-desktop-portal <1.20.4 - Privilege Escalation

CVE-2026-35632 HIGH

OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update

CVE-2026-21916 HIGH

Junos OS: A low privileged user can escalate their privileges so that they can login as root

CVE-2026-39860 CRITICAL

Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

CVE-2026-35525 HIGH

LiquidJS <10.25.3 Symlinked Templates - Root Restriction Bypass

CVE-2026-34078 CRITICAL

Flatpak <1.16.4 sandbox-expose Symlinks - Sandbox Escape

CVE-2026-34447 MEDIUM

ONNX: External Data Symlink Traversal

CVE-2026-34446 MEDIUM

ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load

Page 1 of 6 Next

Details

Vulnerabilities 138

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy