
CWE-59 (Improper Link Resolution Before File Access ('Link Following')) — Vulnerability Class 464

464 vulnerabilities classified as CWE-59 (Improper Link Resolution Before File Access ('Link Following')). AI Chinese analysis included.

CWE-59 represents a critical input validation weakness where software fails to properly resolve symbolic links or shortcuts before accessing a file. Attackers typically exploit this vulnerability by crafting malicious links that point to sensitive system files or directories outside the intended scope. When the application resolves these links without adequate checks, it inadvertently grants access to unauthorized resources, potentially leading to data leakage, privilege escalation, or remote code execution. To mitigate this risk, developers must implement rigorous link resolution controls, ensuring that all file paths are canonicalized and verified against a strict allowlist before any I/O operations occur. Utilizing secure API functions that explicitly handle link following, combined with strict permission checks on the final resolved path, effectively prevents attackers from leveraging symlinks to bypass security boundaries and access unintended system components.

MITRE CWE Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Common Consequences (2)
Scope: Confidentiality, Integrity, Access Control. Impact: Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism.
An attacker may be able to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. If the files are used for a security mechanism then an attacker may be able to bypass the mechanism.
Scope: Other. Impact: Execute Unauthorized Code or Commands.
Windows simple shortcuts, sometimes referred to as soft links, can be exploited remotely since a ".LNK" file can be uploaded like a normal file. This can enable remote execution.
Mitigations (1)
Architecture and Design: Follow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
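The summary above prescribes canonicalizing every path, checking the canonical result against an allowlisted root, and opening the file with an API that refuses to follow links. The following Python script is an added example written for this page, not code from MITRE or from any of the listed products; it builds a constructed sandbox in a temporary directory (file names, the "uploads" root and the "secret.txt" target are all made up for the demonstration) and shows which access attempts pass the three checks. It assumes a POSIX platform, since it relies on os.O_NOFOLLOW.

```python
import os
import shutil
import stat
import tempfile


def resolve_under_root(root, user_path):
    """Canonicalise root/user_path (realpath follows every link in the chain)
    and return the result only if it is still inside the canonical root."""
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, user_path))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise ValueError("path escapes allowed root: %r" % user_path)
    return candidate


def open_final_no_follow(path):
    """Open the final path component without following a symlink. A link that
    replaced the file between the realpath check and this open is refused by
    the kernel (ELOOP) instead of being silently followed. Intermediate
    directory components are still resolved, which is why the realpath
    allowlist check above is also required."""
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC  # POSIX flags assumed
    fd = os.open(path, flags)
    if not stat.S_ISREG(os.fstat(fd).st_mode):
        os.close(fd)
        raise ValueError("not a regular file: %r" % path)
    return fd


def safe_read(root, user_path):
    """Allowlist check, then no-follow open, then read."""
    fd = open_final_no_follow(resolve_under_root(root, user_path))
    with os.fdopen(fd) as f:
        return f.read()


def demo():
    """Build a constructed sandbox and record how each access attempt fares."""
    base = tempfile.mkdtemp(prefix="cwe59-demo-")
    root = os.path.join(base, "uploads")          # the only allowed root
    os.mkdir(root)
    with open(os.path.join(root, "report.txt"), "w") as f:
        f.write("public report\n")
    with open(os.path.join(base, "secret.txt"), "w") as f:
        f.write("outside the sandbox\n")
    # link inside the root that points outside it, and a harmless local alias
    os.symlink(os.path.join(base, "secret.txt"), os.path.join(root, "escape"))
    os.symlink("report.txt", os.path.join(root, "alias"))
    results = {}
    try:
        for name in ("report.txt", "alias", "escape", "../secret.txt"):
            try:
                results[name] = ("ok", safe_read(root, name).strip())
            except ValueError as e:
                results[name] = ("rejected", str(e))
        # Race simulation: the check passes on a regular file, then the file
        # is swapped for a link before the open. O_NOFOLLOW refuses the open.
        swap = os.path.join(root, "swap.txt")
        with open(swap, "w") as f:
            f.write("harmless\n")
        checked = resolve_under_root(root, "swap.txt")
        os.remove(swap)
        os.symlink(os.path.join(base, "secret.txt"), swap)
        try:
            os.close(open_final_no_follow(checked))
            results["swap.txt"] = ("ok", "FOLLOWED")
        except OSError as e:
            results["swap.txt"] = ("refused", e.strerror)
    finally:
        shutil.rmtree(base)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print("%-15s %s" % (name, outcome))
```

The allowlist check alone is not sufficient, because a link can be swapped in after realpath() has run (several entries in the list below are exactly such race conditions); the O_NOFOLLOW open closes that window for the final component, and the fstat() check rejects devices, FIFOs and directories that a link could otherwise substitute. Writing into a directory an unprivileged user controls would additionally need openat() relative to a directory descriptor, which this example does not cover.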
CVE ID | Title | CVSS | Severity | Published
CVE-2026-54230 | Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites — Red Hat Enterprise Linux 6 | 7.0 | High | 2026-06-13
CVE-2026-54056 | Kitty has an arbitrary file overwrite via symlink following in `kitten dnd` remote drop staging — kitty | 7.6 | High | 2026-06-12
CVE-2026-54055 | Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol — kitty | 5.0 | Medium | 2026-06-12
CVE-2026-45384 | bit7z: Arbitrary File Overwrite via Symlink Attack on Predictable Temp File During Archive Update — bit7z | 6.1 | Medium | 2026-06-10
CVE-2026-53476 | Assisted-migration-agent: vddk tarball chained-symlink arbitrary file write | 9.6 | Critical | 2026-06-10
CVE-2026-11837 | Ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown — Red Hat Enterprise Linux 10 | 7.3 | High | 2026-06-10
CVE-2026-44275 | Dell/Alienware Purchased Apps <1.1.32.0 arbitrary file write vulnerability — Dell/Alienware Purchased Apps | 6.3 | Medium | 2026-06-09
CVE-2026-50511 | Microsoft PC Manager Elevation of Privilege Vulnerability — Microsoft PC Manager | 7.8 | High | 2026-06-09
CVE-2026-42989 | Winlogon Elevation of Privilege Vulnerability — Windows 10 Version 1607 | 7.8 | High | 2026-06-09
CVE-2026-45586 | Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability — Windows 10 Version 1607 | 7.8 | High | 2026-06-09
CVE-2026-45491 | .NET Tampering Vulnerability — .NET 10.0 | 6.2 | Medium | 2026-06-09
CVE-2026-28262 | Dell iDRAC Tools <11.4.1.0 link resolution vulnerability — iDRAC Tools | 6.0 | Medium | 2026-06-09
CVE-2026-11322 | Hermes WebUI before 0.51.221 Path Traversal via Symlink Workspace Bypass — Hermes WebUI | 6.5 | Medium | 2026-06-04
CVE-2026-41236 | Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path — froxlor | 8.8 | High | 2026-06-04
CVE-2026-42795 | Symlink Following in Hex Package Export Allows Embedding Files Outside Project Root — Gleam | - | - | 2026-06-02
CVE-2026-40861 | Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler — Apache Airflow | - | - | 2026-06-01
CVE-2026-6892 | Canon CUPS Printer Driver security vulnerability — Canon PIXUS iX6800 Series CUPS Printer Driver for macOS | 5.0 | Medium | 2026-05-29
CVE-2026-6891 | Canon My Image Garden security vulnerability — My Image Garden for macOS | 5.0 | Medium | 2026-05-28
CVE-2026-45403 | AnythingLLM: filesystem-copy-file follows nested symlinks and copies files from outside the allowed directory — anything-llm | 2.0 | Low | 2026-05-28
CVE-2026-44881 | Portainer: Arbitrary File Read via Git Symlink Injection in Stack Auto-Update — portainer | - | - | 2026-05-28
CVE-2026-9804 | Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read — Red Hat OpenShift Virtualization 4 | 7.7 | High | 2026-05-28
CVE-2026-44711 | pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption — pam_usb | 7.9 | High | 2026-05-27
CVE-2026-7374 | Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability — Red Hat Container Native Virtualization 4.12 | 9.9 | Critical | 2026-05-26
CVE-2026-42497 | Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory — Archive::Tar | - | - | 2026-05-26
CVE-2026-42496 | Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory — Archive::Tar | - | - | 2026-05-26
CVE-2026-40610 | BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context — BentoML | 5.5 | Medium | 2026-05-22
CVE-2025-71212 | Trend Micro Apex One link following vulnerability — TrendAI Apex One | 7.8 | High | 2026-05-21
CVE-2026-44051 | Arbitrary file read via attacker-controlled symlink creation — Netatalk | 8.1 | High | 2026-05-21
CVE-2026-42834 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability — Windows Admin Center in Azure Portal | 7.8 | High | 2026-05-20
CVE-2026-41091 | Microsoft Defender Elevation of Privilege Vulnerability — Microsoft Malware Protection Engine | 7.8 | High | 2026-05-20

Vulnerabilities classified as CWE-59 (Improper Link Resolution Before File Access ('Link Following')) represent 464 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.