CVEs classified under CWE-1386, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2025-58074 — CVSS 8.8 (high): A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can…
CVE-2024-7400: The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows…
CVE-2024-36340 — CVSS 6.6 (medium): A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting…
CVE-2026-41116 — CVSS 6.3 (medium): Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following')…
CVE-2023-40623 — CVSS 6.2 (medium): SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary…
CVE-2023-23698 — CVSS 5.5 (medium): Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in…
CVE-2023-32470 — CVSS 5.0 (medium): Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local…