Crispr Xiang

**Name of the Vulnerable Software and Affected Versions** Salesforce CLI versions prior to 2.106.6 **Description** A flaw exists in the Salesforce CLI on Windows that allows for malicious DLL injection due to an uncontrolled search path element. This can lead to the replacement of trusted executables. **Recommendations** Update Salesforce CLI to version 2.106.6 or later.

**Name of the Vulnerable Software and Affected Versions** Bluetooth HCI Adaptor from Realtek (affected versions not specified) **Description** The issue allows local attackers with regular privileges to create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. This can be leveraged for privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft OfficePlus (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability. It involves incorrect handling of symbolic links before accessing a file, which could allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.