528 matches found
CVE-2026-41091
Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...
CVE-2026-44051
An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...
CVE-2026-41091
Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...
CVE-2026-42834
CVE-2026-42834 describes an elevation-of-privilege vulnerability in Windows Admin Center within Azure Portal caused by improper link resolution before file access ("link following"). An authorized attacker could exploit this locally to gain higher privileges on the affected system. Affected compo...
CVE-2026-42834
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...
CVE-2026-41091
Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...
Microsoft Defender 后置链接漏洞
Microsoft Defender is a threat protection software developed by the American company Microsoft. Microsoft Defender has a postback link vulnerability, which stems from improper link resolution before file access. This vulnerability could allow authorized attackers to gain local privileges...
Microsoft Defender Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...
Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...
VulnCheck KEV: CVE-2026-41091
Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...
Microsoft Azure Portal Windows Admin Center 后置链接漏洞
Microsoft Azure Portal Windows Admin Center is a Windows server and hybrid cloud management platform integrated with the Azure Portal by Microsoft Corporation. There is a postback link vulnerability in Microsoft Azure Portal Windows Admin Center, which stems from improper link resolution before...
PT-2026-42157
Name of the Vulnerable Software and Affected Versions Microsoft Defender affected versions not specified Description Improper link resolution before file access, also known as link following, in the Microsoft Malware Protection Engine allows an authorized attacker to elevate privileges locally to...
GHSA-CP6G-6699-WX9C vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape
Summary NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve which does not dereference symlinks but module loading uses Node's...
CVE-2026-5161
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
Astra Linux - уязвимость в libarchive
An improper link resolution flaw while extracting an archive can lead to changing the access control list ACL of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...
EUVD-2026-26236
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before v1.2.1...
CVE-2026-5161
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
PT-2026-35971
Name of the Vulnerable Software and Affected Versions Dell/Alienware Purchased Apps versions prior to 1.1.31.0 Description An improper link resolution before file access, also known as link following, allows a low privileged attacker with local access to perform an arbitrary file write. Link...
TÜBİTAK BİLGEM Pardus About 后置链接漏洞
TÜBİTAK BİLGEM Pardus About is a component module of the Turkish company TÜBİTAK BİLGEM that provides functionality for displaying operating system information and system descriptions. Versions of TÜBİTAK BİLGEM Pardus About prior to 1.2.1 had a post-link vulnerability; this vulnerability stemmed...
CVE-2026-32212
Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...