Search Vulnerabilities

Crates in third party registries can override the cached source of other crates

npitre cramfs-tools cramfsck.c change_file_status symlink

Vvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload

PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or d...

zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write

Tunnelblick arbitrary file read via symlink following in tunnelblickd

IObit Advanced SystemCare Service ASC.exe symlink

OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling

NousResearch hermes-agent file_tools.py _check_sensitive_path symlink

Kata Containers: CopyFile Policy Subversion via Symlinks

uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag

Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

Flatpak xdg-desktop-portal before 1

Junos OS: A low privileged user can escalate their privileges so that they can login as root

OpenClaw <= 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update

Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates

Flatpak has a complete sandbox escape leading to host file access and code execution in the host context