[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-60710":6},{"stargazers_count":4,"fetched_at":5},6,"2026-05-22T16:08:08.064Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":195,"aliases":196,"duplicate_of":9,"upstream":197,"downstream":198,"duplicates":199,"related":200,"reserved_at":9,"published_at":201,"modified_at":202,"state":203,"summary":204,"references_raw":214,"kevs":238,"epss":249,"epss_history":252,"metrics":525,"affected":534},"CVE-2025-60710","Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-59","Improper Link Resolution Before File Access ('Link Following')","The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.","weakness","Draft","Base","Medium",[20,101,162,191],{"id":21,"name":22,"techniques":23},"CAPEC-132","Symlink Attack",[24],{"id":25,"name":26,"tactics":27,"countermeasures":34},"T1547.009","Shortcut Modification",[28,31],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",[35,40,44,48,52,57,62,67,72,77,81,85,89,93,97],{"id":36,"name":37,"tactic":38},"D3-FA","File Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-FIM","File Integrity Monitoring",{"name":39},{"id":45,"name":46,"tactic":47},"D3-DA","Dynamic Analysis",{"name":39},{"id":49,"name":50,"tactic":51},"D3-EFA","Emulated File Analysis",{"name":39},{"id":53,"name":54,"tactic":55},"D3-FEV","File Eviction",{"name":56},"Evict",{"id":58,"name":59,"tactic":60},"D3-DF","Decoy File",{"name":61},"Deceive",{"id":63,"name":64,"tactic":65},"D3-FE","File Encryption",{"name":66},"Harden",{"id":68,"name":69,"tactic":70},"D3-RF","Restore File",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CF","Content Filtering",{"name":76},"Isolate",{"id":78,"name":79,"tactic":80},"D3-LFP","Local File Permissions",{"name":76},{"id":82,"name":83,"tactic":84},"D3-RFAM","Remote File Access Mediation",{"name":76},{"id":86,"name":87,"tactic":88},"D3-CQ","Content Quarantine",{"name":76},{"id":90,"name":91,"tactic":92},"D3-CM","Content Modification",{"name":76},{"id":94,"name":95,"tactic":96},"D3-EAL","Executable Allowlisting",{"name":76},{"id":98,"name":99,"tactic":100},"D3-EDL","Executable Denylisting",{"name":76},{"id":102,"name":103,"techniques":104},"CAPEC-17","Using Malicious Files",[105,142],{"id":106,"name":107,"tactics":108,"countermeasures":120},"T1574.005","Executable Installer File Permissions Weakness",[109,110,111,114,117],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},"TA0030","Defense Evasion",{"id":115,"name":116},"TA0005","Stealth",{"id":118,"name":119},"TA0104","Execution",[121,126,130,134,138],{"id":122,"name":123,"tactic":124},"D3-SWI","Software Inventory",{"name":125},"Model",{"id":127,"name":128,"tactic":129},"D3-AVE","Asset Vulnerability Enumeration",{"name":125},{"id":131,"name":132,"tactic":133},"D3-SBV","Service Binary Verification",{"name":39},{"id":135,"name":136,"tactic":137},"D3-SU","Software Update",{"name":66},{"id":139,"name":140,"tactic":141},"D3-RS","Restore Software",{"name":71},{"id":143,"name":144,"tactics":145,"countermeasures":151},"T1574.010","Services File Permissions Weakness",[146,147,148,149,150],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},{"id":115,"name":116},{"id":118,"name":119},[152,154,156,158,160],{"id":122,"name":123,"tactic":153},{"name":125},{"id":127,"name":128,"tactic":155},{"name":125},{"id":131,"name":132,"tactic":157},{"name":39},{"id":135,"name":136,"tactic":159},{"name":66},{"id":139,"name":140,"tactic":161},{"name":71},{"id":163,"name":164,"techniques":165},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[166,173,180],{"id":167,"name":168,"tactics":169,"countermeasures":172},"T1027.006","HTML Smuggling",[170,171],{"id":112,"name":113},{"id":115,"name":116},[],{"id":174,"name":175,"tactics":176,"countermeasures":179},"T1027.009","Embedded Payloads",[177,178],{"id":112,"name":113},{"id":115,"name":116},[],{"id":181,"name":182,"tactics":183,"countermeasures":186},"T1564.009","Resource Forking",[184,185],{"id":112,"name":113},{"id":115,"name":116},[187],{"id":188,"name":189,"tactic":190},"D3-FFV","File Format Verification",{"name":76},{"id":192,"name":193,"techniques":194},"CAPEC-76","Manipulating Web Input to File System Calls",[],[],[],[],[],[],[],"2025-11-11T17:59:25.479Z","2026-04-14T03:55:25.244Z","Analyzed",{"cisa_kev":205,"cisa_ransomware":206,"cisa_vendor":207,"epss_severity":208,"epss_score":209,"severity":208,"severity_score":210,"severity_version":211,"severity_source":212,"severity_vector":213,"severity_status":203},true,false,"Microsoft","high",0.22899,7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",[215,222,227,232],{"url":216,"sources":217,"tags":219},"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710",[212,218],"nvd",[220,221],"Vendor Advisory","Patch",{"url":223,"sources":224,"tags":225},"https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks",[212,218],[226],"Third Party Advisory",{"url":228,"sources":229,"tags":230},"https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks",[212,218],[231,226],"Mitigation",{"url":233,"sources":234,"tags":235},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710",[212,218],[236,237],"Government Resource","US Government Resource",[239],{"source":240,"vendor":207,"product":241,"date_added":242,"vulnerability_name":243,"short_description":244,"required_action":245,"due_date":246,"known_ransomware_campaign_use":247,"notes":248,"exploitation_type":9},"cisa","Windows","2026-04-13","Microsoft Windows Link Following Vulnerability","Microsoft Windows contains a link following vulnerability that allows for privilege escalation","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-04-27","Unknown","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710 ; https://nvd.nist.gov/vuln/detail/CVE-2025-60710",{"date":250,"score":209,"percentile":251},"2026-05-22",0.95973,[253,257,260,263,266,269,273,277,280,283,287,290,293,296,299,302,305,308,311,314,317,320,323,325,328,330,333,336,338,341,344,347,351,354,357,360,364,367,370,373,376,379,382,385,388,391,394,397,399,402,405,408,411,414,417,421,424,427,430,433,436,439,442,445,448,451,454,457,461,464,467,470,473,476,479,482,485,488,491,494,497,500,503,506,509,512,515,517,520,522],{"date":254,"score":255,"percentile":256},"2025-11-12",0.00069,0.21445,{"date":258,"score":255,"percentile":259},"2025-11-13",0.21456,{"date":261,"score":255,"percentile":262},"2025-11-14",0.21443,{"date":264,"score":255,"percentile":265},"2025-11-15",0.21423,{"date":267,"score":255,"percentile":268},"2025-11-16",0.21373,{"date":270,"score":271,"percentile":272},"2025-11-17",0.00075,0.22804,{"date":274,"score":275,"percentile":276},"2025-11-18",0.00055,0.1272,{"date":278,"score":275,"percentile":279},"2025-11-19",0.1274,{"date":281,"score":275,"percentile":282},"2025-11-20",0.12754,{"date":284,"score":285,"percentile":286},"2025-11-21",0.00076,0.22953,{"date":288,"score":285,"percentile":289},"2025-11-22",0.2295,{"date":291,"score":285,"percentile":292},"2025-11-23",0.22911,{"date":294,"score":285,"percentile":295},"2025-11-24",0.22869,{"date":297,"score":285,"percentile":298},"2025-11-25",0.22858,{"date":300,"score":285,"percentile":301},"2025-11-26",0.2284,{"date":303,"score":285,"percentile":304},"2025-11-27",0.22846,{"date":306,"score":285,"percentile":307},"2025-11-28",0.22822,{"date":309,"score":285,"percentile":310},"2025-11-29",0.22807,{"date":312,"score":285,"percentile":313},"2025-11-30",0.22797,{"date":315,"score":285,"percentile":316},"2025-12-01",0.22836,{"date":318,"score":285,"percentile":319},"2025-12-02",0.22852,{"date":321,"score":285,"percentile":322},"2025-12-03",0.22866,{"date":324,"score":285,"percentile":272},"2025-12-04",{"date":326,"score":285,"percentile":327},"2025-12-05",0.22851,{"date":329,"score":285,"percentile":319},"2025-12-06",{"date":331,"score":285,"percentile":332},"2025-12-07",0.22809,{"date":334,"score":285,"percentile":335},"2025-12-08",0.22818,{"date":337,"score":285,"percentile":295},"2025-12-09",{"date":339,"score":285,"percentile":340},"2025-12-10",0.22942,{"date":342,"score":285,"percentile":343},"2025-12-11",0.22974,{"date":345,"score":285,"percentile":346},"2025-12-12",0.22983,{"date":348,"score":349,"percentile":350},"2025-12-13",0.00087,0.25622,{"date":352,"score":349,"percentile":353},"2025-12-14",0.25594,{"date":355,"score":349,"percentile":356},"2025-12-15",0.25563,{"date":358,"score":349,"percentile":359},"2025-12-16",0.25574,{"date":361,"score":362,"percentile":363},"2025-12-17",0.00336,0.55904,{"date":365,"score":362,"percentile":366},"2025-12-18",0.55943,{"date":368,"score":362,"percentile":369},"2025-12-19",0.55946,{"date":371,"score":362,"percentile":372},"2025-12-20",0.55938,{"date":374,"score":362,"percentile":375},"2025-12-21",0.55916,{"date":377,"score":362,"percentile":378},"2025-12-22",0.55897,{"date":380,"score":362,"percentile":381},"2025-12-23",0.55903,{"date":383,"score":362,"percentile":384},"2025-12-24",0.5591,{"date":386,"score":362,"percentile":387},"2025-12-25",0.55956,{"date":389,"score":362,"percentile":390},"2025-12-26",0.5595,{"date":392,"score":362,"percentile":393},"2025-12-27",0.56001,{"date":395,"score":362,"percentile":396},"2025-12-28",0.55913,{"date":398,"score":362,"percentile":378},"2025-12-29",{"date":400,"score":362,"percentile":401},"2025-12-30",0.55892,{"date":403,"score":362,"percentile":404},"2025-12-31",0.55905,{"date":406,"score":362,"percentile":407},"2026-01-01",0.56074,{"date":409,"score":362,"percentile":410},"2026-01-02",0.56054,{"date":412,"score":362,"percentile":413},"2026-01-03",0.56044,{"date":415,"score":362,"percentile":416},"2026-01-04",0.5587,{"date":418,"score":419,"percentile":420},"2026-01-05",0.00203,0.42477,{"date":422,"score":419,"percentile":423},"2026-01-06",0.42478,{"date":425,"score":419,"percentile":426},"2026-01-07",0.42498,{"date":428,"score":419,"percentile":429},"2026-01-08",0.42525,{"date":431,"score":419,"percentile":432},"2026-01-09",0.42503,{"date":434,"score":419,"percentile":435},"2026-01-10",0.42501,{"date":437,"score":419,"percentile":438},"2026-01-11",0.42473,{"date":440,"score":419,"percentile":441},"2026-01-12",0.42427,{"date":443,"score":419,"percentile":444},"2026-01-13",0.42406,{"date":446,"score":419,"percentile":447},"2026-01-14",0.42455,{"date":449,"score":419,"percentile":450},"2026-01-15",0.42446,{"date":452,"score":419,"percentile":453},"2026-01-16",0.42466,{"date":455,"score":419,"percentile":456},"2026-01-17",0.42441,{"date":458,"score":459,"percentile":460},"2026-01-18",0.00236,0.46244,{"date":462,"score":459,"percentile":463},"2026-01-19",0.46213,{"date":465,"score":459,"percentile":466},"2026-01-20",0.46211,{"date":468,"score":459,"percentile":469},"2026-01-21",0.46214,{"date":471,"score":459,"percentile":472},"2026-01-22",0.46215,{"date":474,"score":459,"percentile":475},"2026-01-23",0.46266,{"date":477,"score":459,"percentile":478},"2026-01-24",0.46274,{"date":480,"score":459,"percentile":481},"2026-01-25",0.46219,{"date":483,"score":459,"percentile":484},"2026-01-26",0.46188,{"date":486,"score":459,"percentile":487},"2026-01-27",0.46192,{"date":489,"score":459,"percentile":490},"2026-01-28",0.46201,{"date":492,"score":459,"percentile":493},"2026-01-29",0.4619,{"date":495,"score":459,"percentile":496},"2026-01-30",0.462,{"date":498,"score":459,"percentile":499},"2026-01-31",0.46209,{"date":501,"score":459,"percentile":502},"2026-02-01",0.46342,{"date":504,"score":459,"percentile":505},"2026-02-02",0.4632,{"date":507,"score":459,"percentile":508},"2026-02-03",0.46327,{"date":510,"score":459,"percentile":511},"2026-02-04",0.46186,{"date":513,"score":459,"percentile":514},"2026-02-05",0.46198,{"date":516,"score":459,"percentile":496},"2026-02-06",{"date":518,"score":459,"percentile":519},"2026-02-07",0.46206,{"date":521,"score":459,"percentile":487},"2026-02-08",{"date":523,"score":459,"percentile":524},"2026-02-09",0.46153,[526,531],{"source":212,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":527,"cvss_v4_0":9},{"baseScore":210,"baseSeverity":528,"vectorString":213,"impactScore":529,"exploitabilityScore":530},"HIGH",9.8,4.6,{"source":218,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":532,"cvss_v4_0":9},{"baseScore":210,"baseSeverity":528,"vectorString":533,"impactScore":529,"exploitabilityScore":530},"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[535,546,556,566,574,580],{"ecosystem":9,"name":536,"vendor":537,"product":538,"cpe_part":539,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":540},"windows 11 24h2","microsoft","windows_11_24h2","o",[541],{"version":542,"is_range":205,"range_type":543,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},"lt10.0.26100.7392","cpe","10.0.26100.7392","excluding",{"ecosystem":9,"name":547,"vendor":537,"product":548,"cpe_part":539,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":549},"windows 11 25h2","windows_11_25h2",[550,553],{"version":551,"is_range":205,"range_type":543,"version_start":9,"version_start_type":9,"version_end":552,"version_end_type":545,"fixed_in":9},"lt10.0.26200.7092","10.0.26200.7092",{"version":554,"is_range":205,"range_type":543,"version_start":9,"version_start_type":9,"version_end":555,"version_end_type":545,"fixed_in":9},"lt10.0.26200.7392","10.0.26200.7392",{"ecosystem":9,"name":557,"vendor":537,"product":558,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":560},"Windows 11 Version 24H2","windows 11 version 24h2","a",[561],{"version":562,"is_range":205,"range_type":212,"version_start":563,"version_start_type":564,"version_end":565,"version_end_type":545,"fixed_in":9},">= 10.0.26100.0, \u003C 10.0.26100.7462","10.0.26100.0","including","10.0.26100.7462",{"ecosystem":9,"name":567,"vendor":537,"product":568,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":569},"Windows 11 Version 25H2","windows 11 version 25h2",[570],{"version":571,"is_range":205,"range_type":212,"version_start":572,"version_start_type":564,"version_end":573,"version_end_type":545,"fixed_in":9},">= 10.0.26200.0, \u003C 10.0.26200.7462","10.0.26200.0","10.0.26200.7462",{"ecosystem":9,"name":575,"vendor":537,"product":576,"cpe_part":539,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":577},"windows server 2025","windows_server_2025",[578,579],{"version":562,"is_range":205,"range_type":212,"version_start":563,"version_start_type":564,"version_end":565,"version_end_type":545,"fixed_in":9},{"version":542,"is_range":205,"range_type":543,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},{"ecosystem":9,"name":581,"vendor":537,"product":582,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":583},"Windows Server 2025 (Server Core installation)","windows server 2025 (server core installation)",[584],{"version":562,"is_range":205,"range_type":212,"version_start":563,"version_start_type":564,"version_end":565,"version_end_type":545,"fixed_in":9}]