
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Base · Draft · Likelihood: Medium

Description

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76

CVEs mapped to this weakness (818)

page 9 of 41
  • CVE-2026-44275 · Medium · Jun 9, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

  • CVE-2026-45539 · High · May 15, 2026
    risk 0.41 · cvss 7.4 · epss 0.01

    Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob() / Path.rglob() calls and read each match with Path.read_text(), transparently following…

  • CVE-2026-41610 · Medium · May 12, 2026
    risk 0.41 · cvss 6.3 · epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2026-27105 · Medium · Apr 29, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write.

  • CVE-2025-43448 · Medium · Nov 4, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to break out of…

  • CVE-2025-53109 · High · Jul 2, 2025
    risk 0.41 · cvss (not listed) · epss 0.01

    Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to…

  • CVE-2024-27885 · Medium · Jun 10, 2024
    risk 0.41 · cvss 6.3 · epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to modify protected parts of the file system.

  • CVE-2026-45384 · Medium · Jun 10, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This issue has been patched in…

  • CVE-2026-45491 · Medium · Jun 9, 2026
    risk 0.40 · cvss 6.2 · epss 0.00

    Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.

  • CVE-2025-14693 · Medium · Dec 15, 2025
    risk 0.40 · cvss 6.2 · epss 0.00

    A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and…

  • CVE-2025-62364 · Medium · Oct 13, 2025
    risk 0.40 · cvss 6.2 · epss 0.01

    text-generation-webui is an open-source web interface for running Large Language Models. In versions through 3.13, a Local File Inclusion vulnerability exists in the character picture upload feature. An attacker can upload a text file containing a symbolic link to an arbitrary…

  • CVE-2025-22247 · Medium · May 12, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper with local files to trigger insecure file operations within that VM.

  • CVE-2025-32817 · Medium · Apr 16, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    An Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32- and 64-bit) client results in unauthorized file overwrite, potentially leading to denial of service or file corruption.

  • CVE-2016-8641 · Medium · Aug 1, 2018
    risk 0.40 · cvss 6.7 · epss 0.01

    A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and…

  • CVE-2016-9595 · High · Jul 27, 2018
    risk 0.40 · cvss 7.3 · epss 0.00

    A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

  • CVE-2017-12258 · Medium · Oct 5, 2017
    risk 0.40 · cvss 6.1 · epss 0.02

    A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML…

  • CVE-2015-5701 · Medium · Aug 25, 2017
    risk 0.40 · cvss 6.1 · epss 0.00

    mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700.

  • CVE-2015-5700 · Medium · Aug 25, 2017
    risk 0.40 · cvss 6.1 · epss 0.00

    mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.

  • CVE-2026-28262 · Medium · Jun 9, 2026
    risk 0.39 · cvss 6.0 · epss 0.00

    Dell iDRAC Tools, versions prior to 11.4.1.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering.

  • CVE-2026-49135 · High · Jun 1, 2026
    risk 0.39 · cvss 7.1 · epss 0.00

    CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the…