Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-61

CWE-61

High likelihood

UNIX Symbolic Link (Symlink) Following

Parent: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

125 vulnerabilities with CWE-61

CVE-2026-23968 MEDIUM

Copier <9.11.2 - Path Traversal

CVE-2025-68937 CRITICAL

Forgejo <13.0.2 - Code Injection

CVE-2025-33225 HIGH

NVIDIA Resiliency Extension - Privilege Escalation

CVE-2025-14693 MEDIUM

Ugreen DH2100+ <5.3.0 - Symlink Following

CVE-2025-67487 HIGH

Static-web-server Static Web Server < 2.40.0 - Symlink Following

CVE-2025-66431 HIGH

WebPros Plesk <18.0.73.5, <18.0.74.2 - Authenticated RCE

CVE-2025-65105 MEDIUM

Apptainer <1.4.5 - Privilege Escalation

CVE-2025-64750 MEDIUM

SingularityCE <4.3.5 & SingularityPRO 4.1.11 & 4.3.5 - SSRF

CVE-2025-62724 MEDIUM

Open OnDemand <4.0.8, <3.1.16 - Info Disclosure

CVE-2025-52881 HIGH

runc <1.4.0-rc.2 - Privilege Escalation

CVE-2025-52565 HIGH

Linuxfoundation Runc < 1.2.8 - Denial of Service

CVE-2025-31133 HIGH

Linuxfoundation Runc < 1.2.8 - Denial of Service

CVE-2025-62596 CRITICAL

Youki <0.5.7 - Privilege Escalation

CVE-2025-62161 CRITICAL

Youki <0.5.7 - Container Escape

CVE-2025-43991 MEDIUM

SupportAssist <4.8.2-4.5.3 - Info Disclosure

CVE-2025-11489 MEDIUM

Wonderwhy-er Desktopcommandermcp < 0.2.13 - Symlink Following

CVE-2025-59829 MEDIUM

Claude Code <1.0.120 - Privilege Escalation

CVE-2025-53881 MEDIUM

exim <4.98.2-lp156.248.1 - Privilege Escalation

CVE-2025-59343 HIGH

NPM Tar-fs < 3.1.1 - Path Traversal

CVE-2025-59825 MEDIUM

Crates.io Astral-tokio-tar < 0.5.4 - Path Traversal

CVE-2025-10854 HIGH

txtai - Path Traversal

CVE-2025-46810 HIGH

openSUSE Tumbleweed traefik2 <2.11.29 - Privilege Escalation

CVE-2025-57802 HIGH

Airlink Daemon 1.0.0 - Path Traversal

CVE-2025-54867 HIGH

Youki <0.5.5 - Privilege Escalation

CVE-2025-55345 HIGH

Codex CLI - RCE

Previous Page 2 of 5 Next

Details

Vulnerabilities 125

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy