Weaknesses of type CWE-22

4,847 results
CVE-2026-49984HIGHKestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)EPSS 0.4%CVE-2025-14182MEDIUMSobey Media Convergence System upload path traversalEPSS 0.4%CVE-2023-20229HIGHA vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attackeEPSS 0.4%CVE-2026-22737MEDIUMSpring Framework Improper Path Limitation with Script View TemplatesEPSS 0.4%CVE-2026-22460HIGHWordPress FormGent plugin <= 1.7.0 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-12002MEDIUMFeeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbitrary File Read via Path TraversalEPSS 0.4%CVE-2026-25228MEDIUMSignalK Server has Path Traversal leading to information disclosureEPSS 0.4%CVE-2024-42408MEDIUMDorsett Controls InfoScan Path TraversalEPSS 0.4%CVE-2026-6381HIGHWP Maps < 4.9.3 - Subscriber+ Local File InclusionEPSS 0.4%CVE-2026-34726MEDIUMCopier `_subdirectory` allows template root escape via parent-directory traversalEPSS 0.4%CVE-2026-36760CRITICALAn issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissiEPSS 0.4%CVE-2026-27040HIGHWordPress WZone plugin <= 14.0.31 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-35668HIGHOpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl ParametersEPSS 0.4%CVE-2025-64152CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%CVE-2025-55017CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%CVE-2025-31174MEDIUMPath traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.EPSS 0.4%CVE-2026-7704MEDIUMAV Stumpfl Pixera Two Media Server Service Port 1338 path traversalEPSS 0.4%CVE-2026-27101MEDIUMDell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a EPSS 0.4%CVE-2025-4186MEDIUMWangshen SecGate 3600 g=route_ispinfo_export_save path traversalEPSS 0.4%CVE-2025-13246MEDIUMshsuishang ShopSuite ModulithShop JwtAuthenticationFilter.java JwtAuthenticationFilter path traversalEPSS 0.4%