VYPR

CWE-59

Improper Link Resolution Before File Access ('Link Following')

BaseDraftLikelihood: Medium

Description

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76

CVEs mapped to this weakness (818)

page 14 of 41
  • CVE-2025-41421MedOct 1, 2025
    risk 0.31cvss 4.7epss 0.00

    Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in versions prior to 15.70 of TeamViewer Remote and Tensor — allows an attacker with local, unprivileged access to a device lacking adequate malware protection to escalate privileges by…

  • CVE-2025-8869MedSep 24, 2025
    risk 0.31cvss epss 0.00

    When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by…

  • CVE-2018-14329MedJul 17, 2018
    risk 0.31cvss 4.7epss 0.00

    In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.

  • CVE-2005-1111MedMay 2, 2005
    risk 0.31cvss 4.7epss 0.00

    Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

  • CVE-2026-40610MedMay 22, 2026
    risk 0.29cvss 5.5epss 0.00

    BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.38 and prior, the build packaging workflow follows attacker-controlled symlinks inside the build context and copies the referenced file contents into the…

  • CVE-2025-53594MedJan 2, 2026
    risk 0.29cvss epss 0.00

    A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the…

  • CVE-2025-11489MedOct 8, 2025
    risk 0.29cvss 4.5epss 0.00

    A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This vulnerability affects the function isPathAllowed of the file src/tools/filesystem.ts. The manipulation leads to symlink following. The attack can only be performed from a local…

  • CVE-2025-24136MedJan 27, 2025
    risk 0.29cvss 4.4epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A malicious app may be able to create symlinks to protected regions of the disk.

  • CVE-2024-56074MedDec 15, 2024
    risk 0.29cvss 5.5epss 0.00

    gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.

  • CVE-2024-45770MedSep 19, 2024
    risk 0.29cvss 4.4epss 0.00

    A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with…

  • CVE-2018-1063MedMar 2, 2018
    risk 0.29cvss 4.4epss 0.00

    Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when…

  • CVE-2017-15111MedJan 20, 2018
    risk 0.29cvss 5.5epss 0.00

    keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link.

  • CVE-2014-1859MedJan 8, 2018
    risk 0.29cvss 5.5epss 0.00

    (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.

  • CVE-2014-4978MedDec 29, 2017
    risk 0.29cvss 5.5epss 0.00

    The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.

  • CVE-2015-3156MedAug 11, 2017
    risk 0.29cvss 5.5epss 0.00

    The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in trove/guestagent/datastore/experimental/redis/service.py,…

  • CVE-2015-8326MedJun 7, 2017
    risk 0.29cvss 5.5epss 0.00

    The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.

  • CVE-2024-52522MedNov 15, 2024
    risk 0.28cvss epss 0.00

    Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions…

  • CVE-2026-39819MedMay 7, 2026
    risk 0.27cvss 5.3epss 0.00

    The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink.

  • CVE-2026-34452MedMar 31, 2026
    risk 0.27cvss 5.3epss 0.00

    The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory…

  • CVE-2026-54055MedJun 12, 2026
    risk 0.26cvss 5.0epss 0.00

    Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU…