PULSE
LIVE37signals / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
← All CVEs
CVE WatchJul 7, 2026

CVE-2026-57991

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclos

CVSS

7.4

High

EPSS

0.7%

p51

KEV

Exploit Today

15

0-100

Published: Jul 3, 2026 · Last modified: Jul 7, 2026 · CWE-59

EPSS · 30d
0.7%EPSS · 30 days0.8%
2026-07-042026-07-16
Technical description

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

Official references
Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-506567.8 HIG
87.5%
26Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".8d
CVE-2026-3407810.0 CRI
74.3%
22Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4.2d
CVE-2026-330018.8 HIG
63.6%
19Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of the user running Jenkins. This can be exploited to deploy malicious scripts or plugins on the controller by attackers with Item/Configure permission, or able to control agent processes.2d
CVE-2020-239687.8 HIG
55.2%
17Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log.8d
CVE-2026-556078.8 HIG
51.3%
15Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktrees named ".git" and navigation to worktrees outside the sandbox context, enabling git directory confusion attacks. By exploiting symlink manipulation and git fsmonitor execution during worktree operations, an attacker could overwrite files in the user's home directory (such as .zshenv), leading to code execution outside of seatbelt sandbox restrictions. Reliably exploiting this required the user to clone a malicious repository containing prompt injection content and run Claude Code against it. This vulnerability is fixed in 2.1.163.16d
CVE-2026-439988.5 HIG
49.8%
15vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve() (which does not dereference symlinks) but module loading uses Node's native require() (which does), an attacker can load arbitrary host-realm modules and achieve remote code execution. This vulnerability is fixed in 3.11.0.2d