Lucene search
K

456 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-43545

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

4.7CVSS6.3AI score0.001EPSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-43543

AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

4.7CVSS6.3AI score0.001EPSS
Exploits0References2
NVD
NVD
added 2 days ago3 views

CVE-2026-15684

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS0.00142EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-15681

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

5.5CVSS0.001EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-15682

AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

5.5CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-15681

Summary: CVE-2026-15681 affects AnyDesk. The flaw is in the handling of screen recording files: by creating a junction, a local attacker can cause the service to create arbitrary files, leading to a denial-of-service condition. Exploitation requires low-privilege code execution on the target syst...

5.5CVSS6.3AI score0.001EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-15681 AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

4.7CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-15684

CVE-2026-15684 affects Glarysoft Glary Utilities. The flaw resides in the Disk Clean functionality, where an attacker who can run low-privileged code can abuse a folder junction to delete arbitrary files, enabling a local privilege escalation to SYSTEM and potential arbitrary code execution. The ...

7.3CVSS7.2AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.8 views

CVE-2026-33694

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...

8.6CVSS5.9AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-44470

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

8.5CVSS5.6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 11:16 a.m.6 views

UBUNTU-CVE-2026-45842

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

6.8CVSS5.8AI score0.00114EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 4:16 p.m.33 views

CVE-2026-44470

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

8.5CVSS0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 3:41 p.m.54 views

CVE-2026-44470 Claude Desktop: Local Privilege Escalation via Directory Junction in CoworkVMService

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

8.5CVSS0.00156EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 3:41 p.m.11 views

EUVD-2026-30049

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

8.5CVSS5.9AI score0.00156EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:41 p.m.6 views

CVE-2026-44470

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

8.5CVSS5.9AI score0.00156EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/13 3:41 p.m.33 views

CVE-2026-44470

CVE-2026-44470 affects the Claude Desktop application for Windows, specifically the CoworkVMService component. Prior to version 1.3834.0, the service ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NTFS directory junction before creating files. A loca...

8.5CVSS5.9AI score0.00156EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Claude Code 后置链接漏洞

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 1.3834.0 contained a post-installation vulnerability. This vulnerability stemmed from the CoworkVMService component running with SYSTEM privileges and without verifying wheth...

8.5CVSS5.8AI score0.00156EPSS
Exploits0References1
Talos
Talos
added 2026/05/04 12:0 a.m.22 views

Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2276 Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability May 4, 2026 CVE Number CVE-2025-58074 SUMMARY A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...

8.8CVSS5.9AI score0.00127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.25 views

Tenable Nessus Agent < 11.1.3 Arbitrary File Deletion (TNS-2026-12)

According to its self-reported version, the Tenable Nessus Agent running on the remote Windows host is prior to 11.1.3. It is, therefore, affected by an arbitrary file deletion vulnerability as referenced in the TNS-2026-12 advisory. - A vulnerability exists in Nessus Agent on Windows where an...

8.6CVSS5.9AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/23 9:31 p.m.24 views

EUVD-2026-25265

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...

8.6CVSS6.1AI score0.00146EPSS
Exploits0References3
Rows per page
Query Builder