Weaknesses of type CWE-59
629 resultsCVE-2026-53766MEDIUMchrome-devtools-mcp: validatePath() does not canonicalize symlinks before enforcing rootsEPSS 0.1%CVE-2026-22702MEDIUMvirtualenv Has TOCTOU Vulnerabilities in Directory CreationEPSS 0.1%CVE-2025-46636MEDIUMDell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low pEPSS 0.1%CVE-2026-53765MEDIUMchrome-devtools-mcp: daemon.pid write follows symlinks in /tmp fallback runtime directoryEPSS 0.1%CVE-2026-54055MEDIUMKitty has an Arbitrary File Write via Symlink Race Condition in File Transmission ProtocolEPSS 0.1%CVE-2026-54369HIGHacl < 2.4.0 Symlink Traversal Privilege Escalation via libacl FunctionsEPSS —CVE-2026-46406MEDIUMClaude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File WriteEPSS —CVE-2026-54371HIGHattr < 2.6.0 Symlink Traversal Privilege Escalation via getfattr/setfattrEPSS —CVE-2026-55607HIGHClaude Code: Sandbox Escape via Git Worktree Path Confusion Allows Unsandboxed Code ExecutionEPSS —