VYPR

CWE-59

Improper Link Resolution Before File Access ('Link Following')

Base · Draft · Likelihood: Medium

Description

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76

CVEs mapped to this weakness (818)

page 6 of 41
  • CVE-2016-6664 · High · Dec 13, 2016
    risk 0.49 · cvss 7.0 · epss 0.03

    mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before…

  • CVE-2002-2323 · High · Dec 31, 2002
    risk 0.49 · cvss 7.5 · epss 0.02

    Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.

  • CVE-2001-1042 · High · Jul 2, 2001
    risk 0.49 · cvss 7.5 · epss 0.03

    Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.

  • CVE-2001-1386 · High · Jul 1, 2001
    risk 0.49 · cvss 7.5 · epss 0.03

    WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.

  • CVE-2001-1043 · High · Jul 1, 2001
    risk 0.49 · cvss 7.5 · epss 0.03

    ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.

  • CVE-2026-43989 · High · May 12, 2026
    risk 0.48 · cvss 8.5 · epss 0.00

    JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format.…

  • CVE-2026-41882 · High · Apr 30, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, and 2026.1.1, reading arbitrary local files was possible via the built-in web server.

  • CVE-2026-33694 · High · Apr 23, 2026
    risk 0.48 · cvss n/a · epss 0.00

    This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code…

  • CVE-2026-40931 · High · Apr 21, 2026
    risk 0.48 · cvss 8.4 · epss 0.00

    Compressing is a compressing and uncompressing lib for node. Prior to 2.1.1 and 1.10.5, the patch for CVE-2026-24884 relies on a purely logical string validation within the isPathWithinParent utility. This check verifies if a resolved path string starts with the destination…

  • CVE-2026-11837 · High · Jun 10, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage…

  • CVE-2025-12838 · High · Dec 23, 2025
    risk 0.47 · cvss 7.3 · epss 0.00

    MSP360 Free Backup Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MSP360 Free Backup. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2025-5296 · High · Aug 18, 2025
    risk 0.47 · cvss 7.3 · epss 0.00

    CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that could cause arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system…

  • CVE-2025-4211 · High · May 16, 2025
    risk 0.47 · cvss n/a · epss 0.00

    Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the…

  • CVE-2025-23010 · High · Apr 10, 2025
    risk 0.47 · cvss 7.2 · epss 0.00

    An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths.

  • CVE-2024-22038 · High · Nov 28, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    Various problems in obs-scm-bridge allow attackers that create specially crafted git repositories to leak information or cause denial of service.

  • CVE-2024-51721 · High · Nov 12, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege.

  • CVE-2015-3315 · High · Jun 26, 2017
    risk 0.47 · cvss 7.8 · epss 0.05

    Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an…

  • CVE-2010-4226 · High · Feb 6, 2014
    risk 0.47 · cvss 7.2 · epss 0.03

    cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.

  • CVE-2026-54230 · High · Jun 13, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows…

  • CVE-2026-44051 · High · May 21, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation.