Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.8 views

CVE-2026-31893

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

6.8CVSS5.5AI score0.00242EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/05 6:55 p.m.5 views

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

6.8CVSS5.9AI score0.00242EPSS
Exploits1References2
CVE
CVE
added 2026/05/05 6:55 p.m.380 views

CVE-2026-31893

CVE-2026-31893 describes a symlink-following vulnerability in Tunnelblick on macOS. From versions 3.3beta26 through 9.0beta01, a local user can cause tunnelblick-helper to read a root-owned file by leveraging a symlink to a target file via the world-accessible tunnelblickd Unix socket (mode 0666)...

6.8CVSS5.9AI score0.00242EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/05 6:55 p.m.36 views

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

6.8CVSS0.00242EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Tunnelblick 安全漏洞

Tunnelblick is a graphical user interface tool for the OpenVPN client developed by Tunnelblick. There are security vulnerabilities in versions 3.3beta26 to 9.0beta01 of Tunnelblick. These vulnerabilities stem from a symbolic link follow-up vulnerability in tunnelblick-helper, which may allow any...

6.8CVSS5.8AI score0.00242EPSS
Exploits1References1
Rows per page
Query Builder