456 matches found
EUVD-2026-43545
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...
EUVD-2026-43543
AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...
CVE-2026-15684
Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...
CVE-2026-15681
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...
CVE-2026-15682
AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...
CVE-2026-15681
Summary: CVE-2026-15681 affects AnyDesk. The flaw is in the handling of screen recording files: by creating a junction, a local attacker can cause the service to create arbitrary files, leading to a denial-of-service condition. Exploitation requires low-privilege code execution on the target syst...
CVE-2026-15681 AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...
CVE-2026-15684
CVE-2026-15684 affects Glarysoft Glary Utilities. The flaw resides in the Disk Clean functionality, where an attacker who can run low-privileged code can abuse a folder junction to delete arbitrary files, enabling a local privilege escalation to SYSTEM and potential arbitrary code execution. The ...
CVE-2026-33694
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...
CVE-2026-44470
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...
UBUNTU-CVE-2026-45842
In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...
CVE-2026-44470
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...
CVE-2026-44470 Claude Desktop: Local Privilege Escalation via Directory Junction in CoworkVMService
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...
EUVD-2026-30049
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...
CVE-2026-44470
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...
CVE-2026-44470
CVE-2026-44470 affects the Claude Desktop application for Windows, specifically the CoworkVMService component. Prior to version 1.3834.0, the service ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NTFS directory junction before creating files. A loca...
Claude Code 后置链接漏洞
Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 1.3834.0 contained a post-installation vulnerability. This vulnerability stemmed from the CoworkVMService component running with SYSTEM privileges and without verifying wheth...
Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2276 Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability May 4, 2026 CVE Number CVE-2025-58074 SUMMARY A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...
Tenable Nessus Agent < 11.1.3 Arbitrary File Deletion (TNS-2026-12)
According to its self-reported version, the Tenable Nessus Agent running on the remote Windows host is prior to 11.1.3. It is, therefore, affected by an arbitrary file deletion vulnerability as referenced in the TNS-2026-12 advisory. - A vulnerability exists in Nessus Agent on Windows where an...
EUVD-2026-25265
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...