This page aggregates publicly disclosed CVE and security risk information related to links, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2006-5925 | Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements. | [email protected] | 7.5 | 33.21% | 2006-11-15 | 2026-04-23 |
| CVE-2004-1616 | Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme. | [email protected] | 5.0 | 1.30% | 2004-10-18 | 2026-04-16 |
| CVE-2002-1405 | CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters. | [email protected] | 5.0 | 13.12% | 2003-02-19 | 2026-04-16 |