Back

Improper link resolution before file access in Bitdefender Total Security via Link Following (VA-13681)

Publication date: July 14th, 2026


CVE ID:
CVE-2026-6851
CVSS scrore:
7
Affected vendors:
Bitdefender
Affected products:
Total Security
Vulnerability details:

An Improper link resolution before file access (‘link following’) vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links.

This issue affects Total Security: before 27.0.58.315; Internet Security: before 27.0.58.315.

Additional details:
An automatic update to version 27.0.58.315 fixes the issue
Credit:
Anonymous working with TrendAI Zero Day Initiative