Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-61
UNIX Symbolic Link (Symlink) Following
The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
CVE-2026-39861 (GCVE-0-2026-39861)
Vulnerability from cvelistv5 – Published: 2026-04-21 00:56 – Updated: 2026-04-21 13:44
VLAI
Title
Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace
Summary
Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code subsequently wrote to a path within such a symlink, its unsandboxed process followed the symlink and wrote to the target location outside the workspace without prompting the user for confirmation. This allowed a sandbox escape where neither the sandboxed command nor the unsandboxed app could independently write outside the workspace, but their combination could write to arbitrary locations, potentially leading to code execution outside the sandbox. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window to trigger sandboxed code execution via prompt injection. Users on standard Claude Code auto-update have received this fix automatically. Users performing manual updates are advised to update to version 2.1.64 or later.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/anthropics/claude-code/securit… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| anthropics | claude-code |
Affected:
< 2.1.64
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-21T13:44:29.934669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T13:44:49.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "claude-code",
"vendor": "anthropics",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.64"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code\u0027s sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code subsequently wrote to a path within such a symlink, its unsandboxed process followed the symlink and wrote to the target location outside the workspace without prompting the user for confirmation. This allowed a sandbox escape where neither the sandboxed command nor the unsandboxed app could independently write outside the workspace, but their combination could write to arbitrary locations, potentially leading to code execution outside the sandbox. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window to trigger sandboxed code execution via prompt injection. Users on standard Claude Code auto-update have received this fix automatically. Users performing manual updates are advised to update to version 2.1.64 or later."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T00:56:39.062Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vp62-r36r-9xqp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/anthropics/claude-code/security/advisories/GHSA-vp62-r36r-9xqp"
}
],
"source": {
"advisory": "GHSA-vp62-r36r-9xqp",
"discovery": "UNKNOWN"
},
"title": "Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39861",
"datePublished": "2026-04-21T00:56:39.062Z",
"dateReserved": "2026-04-07T19:13:20.379Z",
"dateUpdated": "2026-04-21T13:44:49.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40354 (GCVE-0-2026-40354)
Vulnerability from cvelistv5 – Published: 2026-04-11 00:29 – Updated: 2026-04-15 15:14
VLAI
Summary
Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Flatpak | xdg-desktop-portal |
Affected:
0 , < 1.20.4
(semver)
Affected: 1.21.0 , < 1.21.1 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T15:13:04.765142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:14:27.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "xdg-desktop-portal",
"vendor": "Flatpak",
"versions": [
{
"lessThan": "1.20.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.21.1",
"status": "affected",
"version": "1.21.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-11T00:29:03.467Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.21.1"
},
{
"url": "https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.20.4"
},
{
"url": "https://www.openwall.com/lists/oss-security/2026/04/10/14"
},
{
"url": "https://github.com/flatpak/xdg-desktop-portal/security/advisories/GHSA-rqr9-jwwf-wxgj"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-40354",
"datePublished": "2026-04-11T00:29:03.467Z",
"dateReserved": "2026-04-11T00:29:02.889Z",
"dateUpdated": "2026-04-15T15:14:27.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41326 (GCVE-0-2026-41326)
Vulnerability from cvelistv5 – Published: 2026-04-24 18:46 – Updated: 2026-05-13 05:17
VLAI
Title
Kata Containers: CopyFile Policy Subversion via Symlinks
Summary
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy (and perhaps the CopyFile handler) allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. This vulnerability is fixed in v3.29.0.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/kata-containers/kata-container… | x_refsource_CONFIRM |
| https://github.com/kata-containers/kata-container… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2026/05/13/2 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| kata-containers | kata-containers |
Affected:
>= 3.4.0, < 3.29.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41326",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:43:48.851429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:43:53.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-13T05:17:44.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/13/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kata-containers",
"vendor": "kata-containers",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.4.0, \u003c 3.29.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy (and perhaps the CopyFile handler) allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. This vulnerability is fixed in v3.29.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T16:03:37.932Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc"
},
{
"name": "https://github.com/kata-containers/kata-containers/commit/1b9e49eb2763aa6ea6a99b276d3ff5e2c7f658f2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/kata-containers/commit/1b9e49eb2763aa6ea6a99b276d3ff5e2c7f658f2"
}
],
"source": {
"advisory": "GHSA-q49m-57vm-c8cc",
"discovery": "UNKNOWN"
},
"title": "Kata Containers: CopyFile Policy Subversion via Symlinks"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-41326",
"datePublished": "2026-04-24T18:46:21.993Z",
"dateReserved": "2026-04-20T14:01:46.672Z",
"dateUpdated": "2026-05-13T05:17:44.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41937 (GCVE-0-2026-41937)
Vulnerability from cvelistv5 – Published: 2026-05-14 14:30 – Updated: 2026-05-25 23:42 X_Open Source
VLAI
Title
Vvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload
Summary
Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header and a public/index.php file with arbitrary PHP code, which executes as the web server user once accessed via subsequent unauthenticated HTTP requests to the plugin's public path.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/givanz/Vvveb/releases/tag/1.0.8.3 | release-notes |
| https://github.com/givanz/Vvveb/commit/04f0294350… | patch |
| https://www.vulncheck.com/advisories/vvveb-unrest… | third-party-advisory |
Impacted products
Date Public
2026-05-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-14T19:01:19.091805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T19:02:24.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Vvveb",
"repo": "https://github.com/givanz/Vvveb",
"vendor": "givanz",
"versions": [
{
"lessThan": "1.0.8.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "04f0294350ec429e307cd31c2e777a4797c868d6",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Basant Kumar (@CyberWarrior9)"
},
{
"lang": "en",
"type": "finder",
"value": "VulnCheck"
}
],
"datePublic": "2026-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header and a public/index.php file with arbitrary PHP code, which executes as the web server user once accessed via subsequent unauthenticated HTTP requests to the plugin\u0027s public path."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-61",
"description": "UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T23:42:18.902Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://github.com/givanz/Vvveb/releases/tag/1.0.8.3"
},
{
"tags": [
"patch"
],
"url": "https://github.com/givanz/Vvveb/commit/04f0294350ec429e307cd31c2e777a4797c868d6"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/vvveb-unrestricted-file-upload-rce-via-plugin-upload"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Vvveb \u003c 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41937",
"datePublished": "2026-05-14T14:30:52.282Z",
"dateReserved": "2026-04-22T18:50:43.621Z",
"dateUpdated": "2026-05-25T23:42:18.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42275 (GCVE-0-2026-42275)
Vulnerability from cvelistv5 – Published: 2026-05-08 03:45 – Updated: 2026-05-08 12:13
VLAI
Title
zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write
Summary
zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend (davServer.Dir) restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a location outside that root, remote WebDAV consumers can read files and—on shares without OS-level permission restrictions—write or overwrite files anywhere on the host filesystem accessible to the zrok process. This issue has been patched in version 2.0.2.
Severity
8.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/openziti/zrok/security/advisor… | x_refsource_CONFIRM |
| https://github.com/openziti/zrok/commit/459bcfc1e… | x_refsource_MISC |
| https://github.com/openziti/zrok/releases/tag/v2.0.2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T12:13:14.913927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T12:13:21.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "zrok",
"vendor": "openziti",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend (davServer.Dir) restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a location outside that root, remote WebDAV consumers can read files and\u2014on shares without OS-level permission restrictions\u2014write or overwrite files anywhere on the host filesystem accessible to the zrok process. This issue has been patched in version 2.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T03:45:57.209Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/openziti/zrok/security/advisories/GHSA-74m3-9qvm-rp9h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/openziti/zrok/security/advisories/GHSA-74m3-9qvm-rp9h"
},
{
"name": "https://github.com/openziti/zrok/commit/459bcfc1e121decae1b1d11c37ad94e4ed5bbf2e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/openziti/zrok/commit/459bcfc1e121decae1b1d11c37ad94e4ed5bbf2e"
},
{
"name": "https://github.com/openziti/zrok/releases/tag/v2.0.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/openziti/zrok/releases/tag/v2.0.2"
}
],
"source": {
"advisory": "GHSA-74m3-9qvm-rp9h",
"discovery": "UNKNOWN"
},
"title": "zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42275",
"datePublished": "2026-05-08T03:45:57.209Z",
"dateReserved": "2026-04-26T11:53:27.708Z",
"dateUpdated": "2026-05-08T12:13:21.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42306 (GCVE-0-2026-42306)
Vulnerability from cvelistv5 – Published: 2026-06-12 18:09 – Updated: 2026-06-13 03:25
VLAI
Title
Moby: Race condition in docker cp allows bind mount redirection to host path
Summary
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. This issue has been patched in Docker Engine version 29.5.1 and Moby Daemon version 2.0.0-beta.14.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/moby/moby/security/advisories/… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-13T03:25:35.429147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T03:25:47.055Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "moby",
"vendor": "moby",
"versions": [
{
"status": "affected",
"version": "github.com/docker/docker/daemon \u003c= 28.5.2"
},
{
"status": "affected",
"version": "Docker Engine \u003c 29.5.1"
},
{
"status": "affected",
"version": "github.com/moby/moby/v2/daemon \u003c 2.0.0-beta.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. This issue has been patched in Docker Engine version 29.5.1 and Moby Daemon version 2.0.0-beta.14."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T18:09:22.188Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/moby/moby/security/advisories/GHSA-rg2x-37c3-w2rh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/moby/moby/security/advisories/GHSA-rg2x-37c3-w2rh"
}
],
"source": {
"advisory": "GHSA-rg2x-37c3-w2rh",
"discovery": "UNKNOWN"
},
"title": "Moby: Race condition in docker cp allows bind mount redirection to host path"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42306",
"datePublished": "2026-06-12T18:09:22.188Z",
"dateReserved": "2026-04-26T12:37:18.169Z",
"dateUpdated": "2026-06-13T03:25:47.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-43570 (GCVE-0-2026-43570)
Vulnerability from cvelistv5 – Published: 2026-05-05 11:25 – Updated: 2026-05-06 14:13 X_Open Source
VLAI
Title
OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling
Summary
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended repository directory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/openclaw/openclaw/security/adv… | vendor-advisory |
| https://github.com/openclaw/openclaw/commit/94b00… | patch |
| https://github.com/openclaw/openclaw/commit/b1dd3… | patch |
| https://www.vulncheck.com/advisories/openclaw-sym… | third-party-advisory |
Impacted products
Date Public
2026-04-16 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-43570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T14:13:19.953809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T14:13:29.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/openclaw",
"product": "OpenClaw",
"vendor": "OpenClaw",
"versions": [
{
"lessThan": "2026.4.5",
"status": "affected",
"version": "2026.3.22",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "2026.4.5",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "2026.4.5",
"versionStartIncluding": "2026.3.22",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zsx (@zsxsoft)"
},
{
"lang": "en",
"type": "coordinator",
"value": "KeenSecurityLab"
}
],
"datePublic": "2026-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended repository directory."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T11:25:11.010Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-cr8r-7g2h-6wr6)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cr8r-7g2h-6wr6"
},
{
"name": "Patch Commit (1)",
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/commit/94b0062e90467e1582b47cc971f308457c537f3a"
},
{
"name": "Patch Commit (2)",
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/commit/b1dd3ded3589f6fa60ab85b3930a82d538edaeae"
},
{
"name": "VulnCheck Advisory: OpenClaw 2026.3.22 \u003c 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-remote-marketplace-repository-path-handling"
}
],
"tags": [
"x_open-source"
],
"title": "OpenClaw 2026.3.22 \u003c 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-43570",
"datePublished": "2026-05-05T11:25:11.010Z",
"dateReserved": "2026-05-01T16:58:23.117Z",
"dateUpdated": "2026-05-06T14:13:29.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-49248 (GCVE-0-2026-49248)
Vulnerability from cvelistv5 – Published: 2026-06-18 19:54 – Updated: 2026-06-22 14:41
VLAI
Title
OneDev: RCE through absolute-path symlink following allows low-privileged users to overwrite arbitrary server via TarUtils.untar
Summary
OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic links verbatim from TAR entry getLinkName() without validating whether the target is an absolute path. A subsequent file entry in the same archive traverses the symlink, writing to arbitrary server-side locations. This is exploitable by any authenticated user with CI Job write access — no admin interaction required. This is an incomplete fix bypass of CVE-2021-21251 (GHSA-2w6j-wc8c-9mq2): that patch blocked .. path segments but did not address absolute symlink targets. This issue has been fixed in version 15.0.7.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/theonedev/onedev/security/advi… | x_refsource_CONFIRM |
| https://github.com/theonedev/onedev/commit/4f8684… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T14:40:49.188433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T14:41:03.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "onedev",
"vendor": "theonedev",
"versions": [
{
"status": "affected",
"version": "\u003c 15.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic links verbatim from TAR entry getLinkName() without validating whether the target is an absolute path. A subsequent file entry in the same archive traverses the symlink, writing to arbitrary server-side locations. This is exploitable by any authenticated user with CI Job write access \u2014 no admin interaction required. This is an incomplete fix bypass of CVE-2021-21251 (GHSA-2w6j-wc8c-9mq2): that patch blocked .. path segments but did not address absolute symlink targets. This issue has been fixed in version 15.0.7."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-18T19:54:01.665Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/theonedev/onedev/security/advisories/GHSA-55g8-94r5-cj37",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/theonedev/onedev/security/advisories/GHSA-55g8-94r5-cj37"
},
{
"name": "https://github.com/theonedev/onedev/commit/4f8684acebc4bfeefd3c7e23a34a4fd591cb27ad",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/theonedev/onedev/commit/4f8684acebc4bfeefd3c7e23a34a4fd591cb27ad"
}
],
"source": {
"advisory": "GHSA-55g8-94r5-cj37",
"discovery": "UNKNOWN"
},
"title": "OneDev: RCE through absolute-path symlink following allows low-privileged users to overwrite arbitrary server via TarUtils.untar"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-49248",
"datePublished": "2026-06-18T19:54:01.665Z",
"dateReserved": "2026-05-28T14:33:01.178Z",
"dateUpdated": "2026-06-22T14:41:03.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5223 (GCVE-0-2026-5223)
Vulnerability from cvelistv5 – Published: 2026-05-25 08:57 – Updated: 2026-05-27 18:35
VLAI
Title
Crates in third party registries can override the cached source of other crates
Summary
Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is **medium** for users of third-party registries. Users of crates.io are **not affected**, as crates.io forbids uploading crates containing any symlink.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX symbolic link (symlink) following
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://groups.google.com/g/rustlang-security-ann… | vendor-advisorymailing-list |
| https://blog.rust-lang.org/2026/05/25/cve-2026-5223/ | vendor-advisory |
| https://github.com/rust-lang/cargo/pull/17031 | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Rust Project | Cargo |
Affected:
1.0.0 , < 1.96.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T14:36:37.949868Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T18:35:35.093Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://crates.io",
"defaultStatus": "unaffected",
"packageName": "cargo",
"product": "Cargo",
"repo": "https://github.com/rust-lang/cargo",
"vendor": "Rust Project",
"versions": [
{
"lessThan": "1.96.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry.\u0026nbsp;The severity of the vulnerability is **medium** for users of third-party registries. Users of crates.io are **not affected**, as crates.io forbids uploading crates containing any symlink."
}
],
"value": "Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry.\u00a0The severity of the vulnerability is **medium** for users of third-party registries. Users of crates.io are **not affected**, as crates.io forbids uploading crates containing any symlink."
}
],
"impacts": [
{
"capecId": "CAPEC-141",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-141 Cache Poisoning"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX symbolic link (symlink) following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T08:57:08.488Z",
"orgId": "986d4109-89ea-491f-99fd-a8e4803919bd",
"shortName": "rust"
},
"references": [
{
"tags": [
"vendor-advisory",
"mailing-list"
],
"url": "https://groups.google.com/g/rustlang-security-announcements/c/IB74S7Yksg8"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://blog.rust-lang.org/2026/05/25/cve-2026-5223/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/rust-lang/cargo/pull/17031"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Rust 1.96.0, to be released on May 28th, 2026, will update Cargo to \nreject extracting *any* symlink within crate tarballs, regardless of \nwhether they come from crates.io (which already forbids them) or \nthird-party registries. Note that Cargo never added symlinks when \nrunning `cargo package` or `cargo publish`, so the impact of this should be\n minimal."
}
],
"value": "Rust 1.96.0, to be released on May 28th, 2026, will update Cargo to \nreject extracting *any* symlink within crate tarballs, regardless of \nwhether they come from crates.io (which already forbids them) or \nthird-party registries. Note that Cargo never added symlinks when \nrunning `cargo package` or `cargo publish`, so the impact of this should be\n minimal."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Crates in third party registries can override the cached source of other crates",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users who are not able to upgrade to the most recent Rust version are recommended to audit the contents of their registry for the presence of any symlink, and to configure their registry to reject symlink (if such option is available).\u003cbr\u003e"
}
],
"value": "Users who are not able to upgrade to the most recent Rust version are recommended to audit the contents of their registry for the presence of any symlink, and to configure their registry to reject symlink (if such option is available)."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "986d4109-89ea-491f-99fd-a8e4803919bd",
"assignerShortName": "rust",
"cveId": "CVE-2026-5223",
"datePublished": "2026-05-25T08:57:08.488Z",
"dateReserved": "2026-03-31T12:07:41.420Z",
"dateUpdated": "2026-05-27T18:35:35.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-52811 (GCVE-0-2026-52811)
Vulnerability from cvelistv5 – Published: 2026-06-24 20:31 – Updated: 2026-06-24 20:31
VLAI
Title
Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym
Summary
Gogs is an open source self-hosted Git service. Prior to 0.14.3, (*Repository).UploadRepoFiles checks for symlinks only on the leaf of the upload target (osx.IsSymlink(targetPath)). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component — UploadRepoFiles is the lone outlier. An attacker with repo-write access plus a multipart upload whose filename contains a literal backslash (preserved by filepath.Base on Linux, then converted to / by pathx.Clean) redirects the write through a previously-committed directory symlink. iox.CopyFile opens the destination with os.Create (no O_NOFOLLOW), so the kernel follows the parent symlink and writes attacker bytes anywhere the gogs UID can write — ~git/.ssh/authorized_keys → SSH foothold, or <repo>.git/hooks/post-receive → next-push RCE. This vulnerability is fixed in 0.14.3.
Severity
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/gogs/gogs/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/gogs/gogs/pull/8332 | x_refsource_MISC |
| https://github.com/gogs/gogs/commit/04cb8afbb01d8… | x_refsource_MISC |
| https://github.com/gogs/gogs/releases/tag/v0.14.3 | x_refsource_MISC |
{
"containers": {
"cna": {
"affected": [
{
"product": "gogs",
"vendor": "gogs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gogs is an open source self-hosted Git service. Prior to 0.14.3, (*Repository).UploadRepoFiles checks for symlinks only on the leaf of the upload target (osx.IsSymlink(targetPath)). The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component \u2014 UploadRepoFiles is the lone outlier. An attacker with repo-write access plus a multipart upload whose filename contains a literal backslash (preserved by filepath.Base on Linux, then converted to / by pathx.Clean) redirects the write through a previously-committed directory symlink. iox.CopyFile opens the destination with os.Create (no O_NOFOLLOW), so the kernel follows the parent symlink and writes attacker bytes anywhere the gogs UID can write \u2014 ~git/.ssh/authorized_keys \u2192 SSH foothold, or \u003crepo\u003e.git/hooks/post-receive \u2192 next-push RCE. This vulnerability is fixed in 0.14.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T20:31:38.233Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/gogs/gogs/security/advisories/GHSA-89mr-xqfv-758m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gogs/gogs/security/advisories/GHSA-89mr-xqfv-758m"
},
{
"name": "https://github.com/gogs/gogs/pull/8332",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gogs/gogs/pull/8332"
},
{
"name": "https://github.com/gogs/gogs/commit/04cb8afbb01d855454e59977a1cdbf522ea1db31",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gogs/gogs/commit/04cb8afbb01d855454e59977a1cdbf522ea1db31"
},
{
"name": "https://github.com/gogs/gogs/releases/tag/v0.14.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gogs/gogs/releases/tag/v0.14.3"
}
],
"source": {
"advisory": "GHSA-89mr-xqfv-758m",
"discovery": "UNKNOWN"
},
"title": "Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-52811",
"datePublished": "2026-06-24T20:31:38.233Z",
"dateReserved": "2026-06-08T18:11:06.659Z",
"dateUpdated": "2026-06-24T20:31:38.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Implementation
Description:
- Symbolic link attacks often occur when a program creates a tmp directory that stores files/links. Access to the directory should be restricted to the program as to prevent attackers from manipulating the files.
Mitigation ID: MIT-48.1
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-27: Leveraging Race Conditions via Symbolic Links
This attack leverages the use of symbolic links (Symlinks) in order to write to sensitive files. An attacker can create a Symlink link to a target file not otherwise accessible to them. When the privileged program tries to create a temporary file with the same name as the Symlink link, it will actually write to the target file pointed to by the attackers' Symlink link. If the attacker can insert malicious content in the temporary file they will be writing to the sensitive file by using the Symlink. The race occurs because the system checks if the temporary file exists, then creates the file. The attacker would typically create the Symlink during the interval between the check and the creation of the temporary file.