CVE-2026-23563

Name of the Vulnerable Software and Affected Versions TeamViewer DEX - 1E Client versions prior to 26.1

Description The software contains a flaw related to improper link resolution before file access. This issue, triggered by the 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction, allows a local attacker with limited privileges to delete protected system files. This is achieved by utilizing a specially crafted Remote Procedure Call (RPC) control junction or symbolic link that is followed during the execution of the delete instruction.

Recommendations Versions prior to 26.1 should be updated to version 26.1 or later.