CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/05 6:55 p.m.•0 views

CVE-2026-31893

Exploits1References3Affected Software1

Vulnrichment•added 2026/05/05 6:55 p.m.•2 views

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

EUVD•added 2026/05/05 6:55 p.m.•2 views

EUVD-2026-27434

CVE•added 2026/05/05 6:55 p.m.•356 views

CVE-2026-31893

CVE-2026-31893 describes a symlink-following vulnerability in Tunnelblick on macOS. From versions 3.3beta26 through 9.0beta01, a local user can cause tunnelblick-helper to read a root-owned file by leveraging a symlink to a target file via the world-accessible tunnelblickd Unix socket (mode 0666)...

Exploits1References2Affected Software1

Cvelist•added 2026/05/05 6:55 p.m.•31 views

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

6.8CVSS0.00005EPSS

CNNVD•added 2026/05/05 12:0 a.m.•2 views

Tunnelblick 安全漏洞

Tunnelblick is a graphical user interface tool for the OpenVPN client developed by Tunnelblick. There are security vulnerabilities in versions 3.3beta26 to 9.0beta01 of Tunnelblick. These vulnerabilities stem from a symbolic link follow-up vulnerability in tunnelblick-helper, which may allow any...

6.8CVSS5.8AI score0.00005EPSS

Exploits1References1

Positive Technologies•added 2026/05/05 12:0 a.m.•3 views

PT-2026-37217

Name of the Vulnerable Software and Affected Versions Tunnelblick versions 3.3beta26 through 9.0beta01 Description Tunnelblick is an open source graphic user interface for OpenVPN on macOS. A symlink following issue exists in the tunnelblick-helper process, which is accessible via the...

EUVD•added 2025/10/07 12:30 a.m.•2 views

Exploits1References6

EUVD-2012-4601

Malware in sbrugna...

1.2CVSS6.4AI score0.0002EPSS

Exploits6References4

4.4CVSS6.4AI score0.00017EPSS

EUVD-2012-4602

Malware in sbrugna...

1.2CVSS6.4AI score0.00023EPSS

EUVD-2012-3443

Malware in sbrugna...

Exploits0References4

7.2CVSS6.4AI score0.00025EPSS

EUVD-2012-3440

Malware in sbrugna...

Exploits0References4

6.2CVSS6.4AI score0.00593EPSS

EUVD-2012-3439

Malware in sbrugna...

Exploits0References5

6.9CVSS6.4AI score0.00033EPSS

EUVD-2012-3442

Malware in sbrugna...

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-20098

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00068EPSS

RedhatCVE•added 2025/07/06 12:10 a.m.•5 views

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root upon the next boot by dragging a crafted Tunnelblick.app file into /Applications...

8.1CVSS7.4AI score0.00068EPSS

Exploits0References1

NVD•added 2025/07/05 12:15 a.m.•3 views

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root upon the next boot by dragging a crafted Tunnelblick.app file into /Applications...

8.1CVSS0.00068EPSS

Vulnrichment•added 2025/07/04 12:0 a.m.•3 views

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root upon the next boot by dragging a crafted Tunnelblick.app file into /Applications...

8.1CVSS8AI score0.00068EPSS

CNNVD•added 2025/07/04 12:0 a.m.•1 views

Tunnelblick 安全漏洞

Tunnelblick is an OpenVPN client GUI tool from Tunnelblick Open Source. A security vulnerability exists in Tunnelblick versions prior to 7.0 that stems from an incomplete uninstallation that allows execution of arbitrary root code...

8.1CVSS6.8AI score0.00068EPSS

Exploits0References1

CVE•added 2025/07/04 12:0 a.m.•14 views

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0 is vulnerable to arbitrary code execution as root on the next boot when a crafted Tunnelblick.app is dragged into /Applications, due to incomplete uninstallation. Affected: Tunnelblick versions 3.5beta06–7.0 (per conflicting sources). Remediation: upgrade to a new...

8.1CVSS7.4AI score0.00068EPSS