CVE-2026-44274

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

UBUNTU-CVE-2026-45491

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

CVE-2026-42989

Winlogon Elevation of Privilege (CVE-2026-42989) is caused by improper link resolution before file access ("link following"). This vulnerability allows an authorized, local attacker to gain higher privileges. Affected: Winlogon component on Windows; impact is local privilege escalation with a CVS...

CVE-2026-45491

CVE-2026-45491 concerns an improper link resolution before file access ('link following') in .NET, enabling a local attacker to tamper with files. The description from NVD/CVE records specifies local attack vector with low attack complexity and no user interaction, resulting in potential integrit...

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

CVE-2026-28262

Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

Dell Inventory Collector Client 安全漏洞

Dell Inventory Collector Client is a terminal asset inventory tool developed by the American company Dell. Versions of Dell Inventory Collector Client prior to version 13.8.0 contained security vulnerabilities. These vulnerabilities were caused by improper link resolution before file access, whic...

CVE-2026-42834

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVE-2026-41091

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

Microsoft Defender 后置链接漏洞

Microsoft Defender is a threat protection software developed by the American company Microsoft. Microsoft Defender has a postback link vulnerability, which stems from improper link resolution before file access. This vulnerability could allow authorized attackers to gain local privileges...

Microsoft Defender Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

Microsoft Azure Portal Windows Admin Center 后置链接漏洞

Microsoft Azure Portal Windows Admin Center is a Windows server and hybrid cloud management platform integrated with the Azure Portal by Microsoft Corporation. There is a postback link vulnerability in Microsoft Azure Portal Windows Admin Center, which stems from improper link resolution before...

GHSA-CP6G-6699-WX9C vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape

Summary NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve which does not dereference symlinks but module loading uses Node's...

CVE-2026-5161

Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...

TÜBİTAK BİLGEM Pardus About 后置链接漏洞

TÜBİTAK BİLGEM Pardus About is a component module of the Turkish company TÜBİTAK BİLGEM that provides functionality for displaying operating system information and system descriptions. Versions of TÜBİTAK BİLGEM Pardus About prior to 1.2.1 had a post-link vulnerability; this vulnerability stemmed...

PT-2026-35971

Name of the Vulnerable Software and Affected Versions Dell/Alienware Purchased Apps versions prior to 1.1.31.0 Description An improper link resolution before file access, also known as link following, allows a low privileged attacker with local access to perform an arbitrary file write. Link...