CVE-2025-33053

⚠ KEVEPSS 50.3%

Microsoft Windows External Control of File Name or Path Vulnerability

Added to CISA KEV: 6/10/2025

Description

Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.

Affected packages (0)

No package mapping in OSV.