Search Vulnerabilities

Zed Extension Sandbox Escape via Tar Symlink Following

Feb 25, 2026

CVE-2026-27485

OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection

Feb 21, 2026

CVE-2026-25724

LOW

Claude Code Has Permission Deny Bypass Through Symbolic Links

Feb 6, 2026

CVE-2026-1386

Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

Jan 23, 2026

CVE-2026-24047

@backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass

CVE-2026-23986

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

CVE-2026-23968

Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

CVE-2025-68937

CRITICAL

Forgejo before 13

Dec 25, 2025

CVE-2025-33225

NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names

Dec 16, 2025

CVE-2025-14693

Ugreen DH2100+ USB symlink

Dec 15, 2025

CVE-2025-67487

Static Web Server is vulnerable to symbolic link Path Traversal

Dec 9, 2025

CVE-2025-66431

WebPros Plesk before 18

Dec 3, 2025

CVE-2025-65105

Apptainer ineffective application of selinux and apparmor --security options

CVE-2025-64750

Singluarity ineffectively applies of selinux / apparmor LSM process labels

CVE-2025-62724

Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU)

Nov 20, 2025

CVE-2025-52881

runc: LSM labels can be bypassed with malicious config using dummy procfs files

CVE-2025-52565

container escape due to /dev/console mount and related races

CVE-2025-31133

runc container escape via "masked path" abuse due to mount race conditions

CVE-2025-62596

youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects

CVE-2025-62161

youki container escape via "masked path" abuse due to mount race conditions

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-27976

Zed Extension Sandbox Escape via Tar Symlink Following

Feb 25, 2026

CVE-2026-27485

OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection

Feb 21, 2026

CVE-2026-25724

LOW

Claude Code Has Permission Deny Bypass Through Symbolic Links

Feb 6, 2026

CVE-2026-1386

Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

Jan 23, 2026

CVE-2026-24047

@backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass

CVE-2026-23986

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

CVE-2026-23968

Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

CVE-2025-68937

CRITICAL

Forgejo before 13

Dec 25, 2025

CVE-2025-33225

NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names

Dec 16, 2025

CVE-2025-14693

Ugreen DH2100+ USB symlink

Dec 15, 2025

CVE-2025-67487

Static Web Server is vulnerable to symbolic link Path Traversal

Dec 9, 2025

CVE-2025-66431

WebPros Plesk before 18

Dec 3, 2025

CVE-2025-65105

Apptainer ineffective application of selinux and apparmor --security options

CVE-2025-64750

Singluarity ineffectively applies of selinux / apparmor LSM process labels

CVE-2025-62724

Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU)

Nov 20, 2025

CVE-2025-52881

runc: LSM labels can be bypassed with malicious config using dummy procfs files

CVE-2025-52565

container escape due to /dev/console mount and related races

CVE-2025-31133

runc container escape via "masked path" abuse due to mount race conditions

CVE-2025-62596

youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects

CVE-2025-62161

youki container escape via "masked path" abuse due to mount race conditions