Threat Intelligence / CVE / CVE-2025-60710

CVE-2025-60710

CISA KEV

CVSS 7.5 (HIGH) · EPSS 20.8%

Windows link following vulnerability (CWE-59) that enables local privilege escalation via symbolic link abuse. Added to CISA's Known Exploited Vulnerabilities catalog on 2026-04-13 as part of a batch of seven actively exploited flaws affecting Microsoft, Adobe, and Fortinet products.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Weaknesses (CWE)

CWE-59

Threats tracking this CVE

CISA KEV Catalog Update: Seven Actively Exploited Vulnerabilities Added 2026-04-13 (Microsoft, Adobe, Fortinet) — CRITICAL

Full detection coverage & IOCs for threats exploiting CVE-2025-60710 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence