VYPR

CWE-61

UNIX Symbolic Link (Symlink) Following

CompoundIncompleteLikelihood: High

Description

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

A product that allows UNIX symbolic links (symlink) as part of paths whether in internal code or through user input can allow an attacker to spoof the symbolic link and traverse the file system to unintended locations or access arbitrary files. The symbolic link can permit an attacker to read/write/corrupt a file that they originally did not have permissions to access.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-27

CVEs mapped to this weakness (97)

page 4 of 5
  • CVE-2026-35372MedApr 22, 2026
    risk 0.26cvss 5.0epss 0.00

    A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference (or -n) flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force (overwrite) mode…

  • CVE-2026-34446MedApr 1, 2026
    risk 0.24cvss 4.7epss 0.00

    Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, there is an issue in onnx.load, the code checks for symlinks to prevent path traversal, but completely misses hardlinks because a hardlink looks exactly like a…

  • CVE-2026-7397MedApr 29, 2026
    risk 0.22cvss 4.4epss 0.00

    A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public…

  • CVE-2025-64750MedDec 2, 2025
    risk 0.22cvss 4.5epss 0.00

    SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label…

  • CVE-2024-34015LowNov 11, 2024
    risk 0.21cvss 3.3epss 0.00

    Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892.

  • CVE-2026-8784MedMay 18, 2026
    risk 0.20cvss 4.2epss 0.00

    A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch…

  • CVE-2026-40354LowApr 11, 2026
    risk 0.12cvss 2.9epss 0.00

    Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.

  • CVE-2026-12565Jun 17, 2026
    risk 0.00cvss epss 0.00

    The unarchive internal module's archive extraction commands perform no code-level validation on extracted file paths, relying entirely on the behavior of external tools (e.g. GNU tar) which varies by platform. While CVE-2025-10284 addressed git-specific RCE vectors, the…

  • CVE-2026-47763Jun 10, 2026
    risk 0.00cvss epss 0.00

    ## Summary PDM writes several project-local state or configuration files without symlink protection. If a malicious repository places those files as symlinks, local PDM operations can overwrite the symlink targets. This creates an arbitrary file clobber primitive relative to…

  • CVE-2026-33711Mar 26, 2026
    risk 0.00cvss epss 0.00

    Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to…

  • CVE-2026-33056Mar 20, 2026
    risk 0.00cvss epss 0.00

    tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path that already exists is a directory. Because fs::metadata() follows symbolic…

  • CVE-2026-33001Mar 18, 2026
    risk 0.00cvss epss 0.01

    Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of…

  • CVE-2026-27485Feb 21, 2026
    risk 0.00cvss epss 0.00

    OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, skills/skill-creator/scripts/package_skill.py (a local helper script used when authors package skills) previously followed symlinks while building .skill archives. If an author runs this script on a crafted…

  • CVE-2026-25724Feb 6, 2026
    risk 0.00cvss epss 0.00

    Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file (such as /etc/passwd) and Claude…

  • CVE-2026-23986Jan 21, 2026
    risk 0.00cvss epss 0.00

    Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the…

  • CVE-2026-23968Jan 21, 2026
    risk 0.00cvss epss 0.00

    Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the…

  • CVE-2025-67818Dec 12, 2025
    risk 0.00cvss epss 0.01

    An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path (e.g., /etc/...) or use parent directory traversal (../../..) to escape the restore root when a backup is restored,…

  • CVE-2025-67487Dec 9, 2025
    risk 0.00cvss epss 0.00

    Static Web Server (SWS) is a production-ready web server suitable for static web files or assets. Versions 2.40.0 and below contain symbolic links (symlinks) which can be used to access files or directories outside the intended web root folder. SWS generally does not prevent…

  • CVE-2025-65105Dec 2, 2025
    risk 0.00cvss epss 0.00

    Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put…

  • CVE-2025-52881Nov 6, 2025
    risk 0.00cvss epss 0.01

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we…