CWE-59: Improper Link Resolution Before File Access (Link Following) — known CVE vulnerabilities
CVEs classified under CWE-59 (Improper Link Resolution Before File Access (Link Following)), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2024-37143 — CVSS 10.0 (critical): Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x…
CVE-2024-28189 — CVSS 10.0 (critical): Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox…
CVE-2024-28185 — CVSS 10.0 (critical): Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory…
CVE-2022-22995 — CVSS 10.0 (critical): The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting…
CVE-2014-4480 — CVSS 10.0 (critical): Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access…
CVE-2002-2374 — CVSS 10.0 (critical): Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."
CVE-2026-44881 — CVSS 9.9 (critical): Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker…
CVE-2026-7374 — CVSS 9.9 (critical): A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a…
CVE-2018-5225 — CVSS 9.9 (critical): In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0…
CVE-2026-50549 — CVSS 9.8 (critical): Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a…
CVE-2025-66277 — CVSS 9.8 (critical): A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit…
CVE-2025-43220 — CVSS 9.8 (critical): This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma…
CVE-2025-30457 — CVSS 9.8 (critical): This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS…
CVE-2024-48862 — CVSS 9.8 (critical): A link following vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to…
CVE-2024-6868 — CVSS 9.8 (critical): mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model…
CVE-2022-34960 — CVSS 9.8 (critical): The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to…
CVE-2022-26612 — CVSS 9.8 (critical): In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a…
CVE-2021-21691 — CVSS 9.8 (critical): Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS…
CVE-2020-27172 — CVSS 9.8 (critical): An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to…
CVE-2020-9682 — CVSS 9.8 (critical): Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could…
CVE-2020-9670 — CVSS 9.8 (critical): Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could…
CVE-2019-7183 — CVSS 9.8 (critical): This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend…
CVE-2019-18658 — CVSS 9.8 (critical): In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a…
CVE-2018-1000544 — CVSS 9.8 (critical): rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write…
CVE-2018-12026 — CVSS 9.8 (critical): During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such…
CVE-2003-1233 — CVSS 9.8 (critical): Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access…
CVE-2023-25168 — CVSS 9.6 (critical): Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system…
CVE-2025-52936: Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.
CVE-2008-5155 — CVSS 9.3 (critical): mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2)…
CVE-2008-4694 — CVSS 9.3 (critical): Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute…
CVE-2008-3329 — CVSS 9.3 (critical): Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing…
CVE-2026-25718 — CVSS 9.1 (critical): Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write…
CVE-2026-42496 — CVSS 9.1 (critical): Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory…
CVE-2024-10007 — CVSS 9.1 (critical): A path collision and arbitrary code execution vulnerability was identified in GitHub Enterprise Server that allowed container escape to…
CVE-2024-3829 — CVSS 9.1 (critical): qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit…
CVE-2023-39107 — CVSS 9.1 (critical): An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to…
CVE-2021-38570 — CVSS 9.1 (critical): An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation)…
CVE-2020-13833 — CVSS 9.1 (critical): An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The system area allows arbitrary file…
CVE-2026-45405 — CVSS 9.0 (critical): Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into…
CVE-2024-32002 — CVSS 9.0 (critical): Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with…
CVE-2026-41236 — CVSS 8.8 (high): Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key…
CVE-2021-47949 — CVSS 8.8 (high): CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote…
CVE-2026-5161 — CVSS 8.8 (high): Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute…
CVE-2026-32013 — CVSS 8.8 (high): OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that…
CVE-2026-33001 — CVSS 8.8 (high): Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz…
CVE-2026-31979 — CVSS 8.8 (high): Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon…
CVE-2025-49739 — CVSS 8.8 (high): Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over…
CVE-2025-41668 — CVSS 8.8 (high): A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read…
CVE-2025-41667 — CVSS 8.8 (high): A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute…