
622 matches found

EUVD
added 6 days ago | 6 views

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1 CVSS | 5.8 AI score | 0.00187 EPSS
Exploits: 0 | References: 2
Snyk
added 2026/06/09 5:4 p.m. | 5 views

Symlink Attack

Overview: Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation: Upgrade Microsoft.NetCore.App.Runtime.win-a...

6.9 CVSS | 5.3 AI score | 0.00388 EPSS
Exploits: 0 | References: 2
Rosalinux
added 2026/06/01 12:20 p.m. | 10 views

Advisory ROSA-SA-2026-3308

CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: The vulnerability in the tcsd daemon of the TrouSerS package relates to the possibility of attacks through symbolic links when creating the system.data file. It allows a local malicious actor tss user to create or damage arbitrar...

7.8 CVSS | 5.9 AI score | 0.00553 EPSS
Exploits: 3
CNNVD
added 2026/05/27 12:0 a.m. | 9 views

pam_usb Authorization Issue Vulnerability

pamusb is a USB-device-based hardware authentication tool for Linux, developed by McDope, an individual developer. Versions of pamusb prior to 0.8.7 have an authorization vulnerability. This vulnerability stems from symbolic link attacks involving the pad directory and pad files,...

7.9 CVSS | 5.8 AI score | 0.00166 EPSS
Exploits: 0 | References: 1
NVD
added 2026/05/19 3:16 p.m. | 18 views

CVE-2026-34883

An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...

5.3 CVSS | 0.00144 EPSS
Exploits: 0 | References: 2
CNNVD
added 2026/05/13 12:0 a.m. | 14 views

Garmin WDU Security Vulnerability

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from the ability to allow symbolic link attacks, which...

7.5 CVSS | 5.8 AI score | 0.00387 EPSS
Exploits: 0 | References: 1
EUVD
added 2026/04/22 6:31 p.m. | 4 views

EUVD-2026-24994

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the install utility of uutils coreutils when using the -D flag. The command creates parent directories and subsequently performs a second path resolution to create the target file, neither of which is anchored to a directory file...

6.3 CVSS | 5.9 AI score | 0.00107 EPSS
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/22 4:8 p.m. | 10 views

CVE-2026-35364

A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...

6.3 CVSS | 5.9 AI score | 0.00091 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2026/04/08 12:0 a.m. | 3 views

Juniper Junos OS Vulnerability (JSA107807)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107807 advisory. - A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their...

7.3 CVSS | 5.9 AI score | 0.00129 EPSS
Exploits: 0 | References: 2
Positive Technologies
added 2026/03/11 12:0 a.m. | 7 views

PT-2026-24824

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7 CVSS | 5.9 AI score | 0.00162 EPSS
Exploits: 0 | References: 4
ATTACKERKB
added 2026/03/03 1:17 p.m. | 5 views

CVE-2026-3343

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7...

6.1 CVSS | 5.9 AI score | 0.00196 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
CNNVD
added 2026/01/10 12:0 a.m. | 4 views

virtualenv Race Condition Vulnerability

Virtualenv is an open source Python virtual environment builder from the Python Packaging Authority. A race condition vulnerability exists in versions prior to virtualenv 20.36.1, which stems from a TOCTOU vulnerability in the directory creation operation that could lead to a symbolic...

4.5 CVSS | 6.3 AI score | 0.00085 EPSS
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/09 10:7 a.m. | 8 views

CVE-2019-20000

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted...

5.9 CVSS | 6.7 AI score | 0.00561 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/07 9:30 a.m. | 9 views

CVE-2019-16896

In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality...

7.8 CVSS | 7.1 AI score | 0.00402 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2026/01/02 8:57 p.m. | 5 views

CVE-2026-21483 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover

listmonk is a standalone, self-hosted newsletter and mailing list manager. Prior to version 6.0.0, a lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user (Super Admin) views or previews this content, the...

6.4 CVSS | 5.8 AI score | 0.00198 EPSS
Exploits: 1 | References: 1
NVD
added 2025/12/20 4:16 a.m. | 3 views

CVE-2025-12581

The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...

6.1 CVSS | 0.00204 EPSS
Exploits: 0 | References: 3
GithubExploit
added 2025/12/03 2:39 a.m. | 126 views

Exploit for CVE-2025-63945

CVE-2025-63945 Tencent iOA EoP Version : before 210.9.28693...

5.9 AI score | 0.00181 EPSS
Exploits: 2
GithubExploit
added 2025/12/03 2:35 a.m. | 108 views

Exploit for CVE-2025-63946

CVE-2025-63946 Tencent PC Manager EoP version: PCManager Ver...

5.8 AI score | 0.00181 EPSS
Exploits: 2
CNNVD
added 2025/11/11 12:0 a.m. | 5 views

AXIS OS Security Vulnerability

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a symbolic link attack that could lead to elevation of privilege...

6.8 CVSS | 6.7 AI score | 0.00303 EPSS
Exploits: 0 | References: 1
Cvelist
added 2025/10/29 7:34 p.m. | 8 views

CVE-2025-9870 Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target...

7.8 CVSS | 0.00175 EPSS
Exploits: 0 | References: 1