CWE-59 (Improper Link Resolution Before File Access ('Link Following')): 425 vulnerabilities

425 vulnerabilities classified as CWE-59 (Improper Link Resolution Before File Access ('Link Following')). AI-generated analysis in Chinese included.

CWE-59 is a file-access weakness: the software opens, writes, deletes or changes permissions on a file by name without ensuring that the name does not pass through a symbolic link, hard link, Windows junction or mount point, or .LNK shortcut that an attacker controls. The dominant pattern among the CVEs listed below is local: a privileged component (an installer, backup agent, updater or endpoint-management service) operates on files in a directory a low-privileged user can write to, the user plants a link there, and the privileged operation is redirected to a file outside the intended scope, yielding arbitrary file read, write or delete and from there privilege escalation. The same weakness appears remotely when an archive is extracted without checking link members (a symlink entry pointing outside the destination, followed by a file entry whose path goes through it), and as a time-of-check/time-of-use race when a path is validated and then reopened by name, leaving a window in which it can be swapped for a link. Canonicalising the path and checking it against an allowlist is necessary but not sufficient, because the check and the open are two separate operations on a name that someone else may change in between. Effective mitigations act on the resolved object rather than the name: open with O_NOFOLLOW (or openat2 with RESOLVE_NO_SYMLINKS or RESOLVE_BENEATH on Linux, or CreateFile with FILE_FLAG_OPEN_REPARSE_POINT followed by a reparse-tag check on Windows), walk untrusted paths one component at a time relative to a directory descriptor, verify the opened handle with fstat before acting on it, keep privileged file operations out of user-writable directories altogether, and on Windows impersonate the requesting user for any path that user supplied.

MITRE CWE Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Common Consequences (2)
Scope: Confidentiality, Integrity, Access Control. Impact: Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism.
An attacker may be able to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. If the files are used for a security mechanism then an attacker may be able to bypass the mechanism.
Scope: Other. Impact: Execute Unauthorized Code or Commands.
Windows simple shortcuts, sometimes referred to as soft links, can be exploited remotely since a ".LNK" file can be uploaded like a normal file. This can enable remote execution.
Mitigations (1)
Phase: Architecture and Design. Follow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2026-28689 | ImageMagick has a Path Policy TOCTOU symlink race bypass | ImageMagick | 6.3 | Medium | 2026-03-09
CVE-2026-27748 | Avira Internet Security Arbitrary File Deletion via Improper Link Resolution | Avira Internet Security | 7.8 | High | 2026-03-05
CVE-2026-27905 | BentoML has an Arbitrary File Write via Symlink Path Traversal in Tar Extraction | BentoML | 7.4 (AI) | High (AI) | 2026-03-03
CVE-2026-25906 | Dell Optimizer Link Following Vulnerability | Optimizer | 7.3 | High | 2026-03-03
CVE-2026-27967 | Symlink Escape in Agent File Tools | zed | 7.1 | High | 2026-02-25
CVE-2026-2490 | RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability | Client for Windows | 5.5 (AI) | Medium (AI) | 2026-02-20
CVE-2026-2627 | Softland FBackup Backup/Restore HID.dll link following | FBackup | 7.8 | High | 2026-02-17
CVE-2026-26225 | Intego Personal Backup Task File Privilege Escalation | Personal Backup | 7.8 (AI) | High (AI) | 2026-02-12
CVE-2025-66277 | QTS, QuTS hero | QTS | 7.5 (AI) | High (AI) | 2026-02-11
CVE-2026-21517 | Windows App for Mac Installer Elevation of Privilege Vulnerability | Windows App for Mac | 4.7 | Medium | 2026-02-10
CVE-2025-62676 | Fortinet FortiClientWindows Link Following Vulnerability | FortiClientWindows | 6.4 | High | 2026-02-10
CVE-2025-15314 | Tanium addressed an arbitrary file deletion vulnerability in end-user-cx. | end-user-cx | 5.5 | Medium | 2026-02-09
CVE-2025-15313 | Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS. | Tanium EUSS | 5.5 | Medium | 2026-02-09
CVE-2025-15310 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. | Patch Endpoint Tools | 7.8 | High | 2026-02-09
CVE-2025-15318 | Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools. | End-User Notifications Endpoint Tools | 5.1 | Medium | 2026-02-09
CVE-2025-15319 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. | Patch Endpoint Tools | 7.8 | High | 2026-02-09
CVE-2026-21419 | Dell Display and Peripheral Manager Link Following Vulnerability | Display and Peripheral Manager (Windows) | 6.6 | Medium | 2026-02-09
CVE-2025-15324 | Tanium addressed a local privilege escalation vulnerability in Engage. | Engage | 6.6 | Medium | 2026-02-05
CVE-2025-15328 | Tanium addressed an improper link resolution before file access vulnerability in Enforce. | Enforce | 5.0 | Medium | 2026-02-05
CVE-2026-24884 | Compressing Vulnerable to Arbitrary File Write via Symlink Extraction | compressing | 8.4 | High | 2026-02-04
CVE-2025-15543 | Read-Only Root Access via USB Storage Device in TP-Link VX800v | VX800v v1.0 | 4.6 (AI) | Medium (AI) | 2026-01-29
CVE-2025-15541 | Access to System Files via SFTP on TP-Link VX800v | VX800v v1.0 | 5.7 (AI) | Medium (AI) | 2026-01-29
CVE-2026-23563 | Privilege escalation in TeamViewer DEX via DeleteFileByPath instruction | DEX | 5.7 | Medium | 2026-01-29
CVE-2026-23893 | openCryptoki has improper link resolution before file access (link following) | opencryptoki | 6.8 | Medium | 2026-01-22
CVE-2026-24047 | @backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass | backstage | 6.3 | Medium | 2026-01-21
CVE-2025-13154 | Lenovo Vantage Security Vulnerability | Vantage | 5.5 | Medium | 2026-01-14
CVE-2026-20941 | Host Process for Windows Tasks Elevation of Privilege Vulnerability | Windows 11 Version 24H2 | 7.8 | High | 2026-01-13
CVE-2026-22702 | virtualenv Has TOCTOU Vulnerabilities in Directory Creation | virtualenv | 4.5 | Medium | 2026-01-10
CVE-2026-22701 | filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock | filelock | 5.3 | Medium | 2026-01-10
CVE-2025-12838 | MSP360 Free Backup Link Following Local Privilege Escalation Vulnerability | Free Backup | 7.3 (AI) | High (AI) | 2025-12-23

(AI) reproduces the page's badge marking a CVSS score and severity produced by its AI analysis rather than taken from the CNA record.

Vulnerabilities classified as CWE-59 (Improper Link Resolution Before File Access ('Link Following')) account for 425 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.