Weaknesses of type CWE-22
4,826 resultsCVE-2024-30492MEDIUMWordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerabilityEPSS 0.5%CVE-2026-32727HIGHSciTokens: Authorization Bypass via Path Traversal in Scope ValidationEPSS 0.5%CVE-2025-59343HIGHtar-fs has a symlink validation bypass if destination directory is predictable with a specific tarballEPSS 0.5%CVE-2025-9693HIGHUser Meta – User Profile Builder and User management plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.5%CVE-2024-33870MEDIUMAn issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary fileEPSS 0.5%CVE-2025-27785HIGHApplio allows arbitrary file read in train.py export_index functionEPSS 0.5%CVE-2025-1127CRITICALCombination Path Traversal and Concurrent Execution vulnerability exists within the embedded web serverEPSS 0.5%CVE-2024-34554HIGHWordPress Stockholm Core plugin <= 2.4.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-34552HIGHWordPress Stockholm theme <= 9.6 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-34783HIGHFerret has a Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websitesEPSS 0.5%CVE-2025-27142MEDIUMLocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commandsEPSS 0.5%CVE-2025-27786HIGHApplio allows arbitrary file removal in core.pyEPSS 0.5%CVE-2026-10108HIGHxiaomusic 0.5.7 Path Traversal via GET /music endpointEPSS 0.5%CVE-2026-6568MEDIUMkodcloud KodExplorer Public Share share.class.php initShareOld path traversalEPSS 0.5%CVE-2024-27869HIGHThe issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record thEPSS 0.5%CVE-2024-37501HIGHWordPress Advanced Classifieds & Directory Pro plugin <= 3.1.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-7404MEDIUMgetsimpletool mcpo-simple-server base_manager.py delete_shared_prompt path traversalEPSS 0.5%CVE-2025-58423HIGHAdvantech DeviceOn/iEdge Path TraversalEPSS 0.5%CVE-2024-25614MEDIUMThere is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the aEPSS 0.5%CVE-2026-8756MEDIUMfishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversalEPSS 0.5%