Weaknesses of type CWE-22
4,854 resultsCVE-2026-42757CRITICALWordPress WebinarIgnition plugin < 4.08.253 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-56066MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-54917HIGHSeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket accessEPSS 0.3%CVE-2026-44353MEDIUMStreamlink: Arbitrary local file read via file:// URI in HLS and DASHEPSS 0.3%CVE-2025-32205LOWWordPress Piotnet Forms plugin <= 1.0.30 - Path Traversal vulnerabilityEPSS 0.3%CVE-2026-42737HIGHWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-58192HIGHAppium: Unauthenticated arbitrary file/directory deletion in @appium/storage-pluginEPSS 0.3%CVE-2026-45482HIGHMicrosoft Visual Studio Code CoPilot Chat Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-43982HIGHAlgernon: Path traversal file write via savein()EPSS 0.3%CVE-2025-68279HIGHWeblate has an arbitrary file read via symbolic linksEPSS 0.3%CVE-2026-49247HIGHJellyfin: Potential Authenticated path traversal in /ClientLog/DocumentEPSS 0.3%CVE-2025-15470MEDIUMEleganzo <= 1.2 - Authenticated (Subscriber+) Arbitrary Directory DeletionEPSS 0.3%CVE-2026-32026HIGHOpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in SandboxEPSS 0.3%CVE-2021-39143MEDIUMPath Traversal in spinnakerEPSS 0.3%CVE-2026-7627MEDIUM8nite metatrader-4-mcp sync_ea_from_file index.ts CallToolRequestSchema path traversalEPSS 0.3%CVE-2026-32030HIGHOpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path TraversalEPSS 0.3%CVE-2026-1186HIGHPath Traversal in EAP LegislatorEPSS 0.3%CVE-2026-57331CRITICALWordPress Paid Videochat Turnkey Site plugin <= 7.4.8 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2025-6731MEDIUMyzcheng90 X-SpringBoot APK File apk uploadApk path traversalEPSS 0.3%CVE-2025-41073HIGHPath Traversal in Gandia Integra Total by TESIEPSS 0.3%