Weaknesses of type CWE-22

4,828 results
CVE-2026-14352HIGHAR for WooCommerce <= 8.40 - Unauthenticated Path Traversal to Arbitrary File Read via 'file' ParameterEPSS 0.5%CVE-2025-6854MEDIUMchatchat-space Langchain-Chatchat files path traversalEPSS 0.5%CVE-2022-34430HIGHDell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnEPSS 0.5%CVE-2022-23971HIGHASUS RT-AX56U - Path TraversalEPSS 0.5%CVE-2025-3295MEDIUMWP Editor <= 1.2.9.1 - Authenticated (Administrator+) Directory Traversal to Arbitrary File ReadEPSS 0.5%CVE-2023-51366HIGHQTS, QuTS heroEPSS 0.5%CVE-2025-25684HIGHA lack of validation in the path parameter (/download) of GL-INet Beryl AX GL-MT3000 v4.7.0 allows attackers to download arbitrary files froEPSS 0.5%CVE-2022-23970HIGHASUS RT-AX56U - Path TraversalEPSS 0.5%CVE-2025-14728MEDIUMRapid7 Velociraptor Directory Traversal VulnerabilityEPSS 0.5%CVE-2025-32926CRITICALWordPress Grand Restaurant WordPress theme <= 7.0 - Path Traversal to PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-7634MEDIUMNGINX Agent VulnerabilityEPSS 0.5%CVE-2025-13879MEDIUMDirectory traversal vulnerability in EfficientIP's SOLIDserver IPAMEPSS 0.5%CVE-2024-56477MEDIUMIBM Power Hardware Management Console directory traversalEPSS 0.5%CVE-2024-43328HIGHWordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-47603HIGHWordPress belingoGeo plugin <= 1.12.0 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2026-45731MEDIUMWWBN AVideo: Authenticated Arbitrary File Read in view/update.phpEPSS 0.5%CVE-2026-11416HIGHMoviePilot Path Traversal via Cloud Storage Download HandlersEPSS 0.5%CVE-2026-33344HIGHDagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAGEPSS 0.5%CVE-2026-24056MEDIUMpnpm has symlink traversal in file:/git dependenciesEPSS 0.5%CVE-2023-33747HIGHCloudPanel v2.2.2 allows attackers to execute a path traversal.EPSS 0.5%