Weaknesses of type CWE-22
4,854 resultsCVE-2026-32193HIGHAzure Kubernetes Service (AKS) Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-42756CRITICALWordPress QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly plugin <= 3.2.7 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-41245MEDIUMJunrar: Path Traversal (Zip-Slip) via Sibling Directory Name PrefixEPSS 0.3%CVE-2026-55111HIGHA malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to accesEPSS 0.3%CVE-2026-48126HIGHAlgernon: Host header path traversal in --domain mode reads files and runs Lua from parent dirEPSS 0.3%CVE-2026-6903HIGHPath Traversal Vulnerability in LabOne User InterfaceEPSS 0.3%CVE-2026-32033MEDIUMOpenClaw < 2026.2.24 - Path Traversal via @-prefixed Absolute Paths in Workspace Boundary ValidationEPSS 0.3%CVE-2026-33493HIGHAVideo has a Path Traversal in import.json.php that Allows Private Video Theft and Arbitrary File Read/Deletion via fileURI ParameterEPSS 0.3%CVE-2026-45017HIGHPython Liquid: Absolute paths escape filesystem loader search pathEPSS 0.3%CVE-2026-23745HIGHnode-tar Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path SanitizationEPSS 0.3%CVE-2026-39308HIGHPraisonAI recipe registry publish path traversal allows out-of-root file writeEPSS 0.3%CVE-2026-26985HIGHLORIS vulnerable to path traversal in electrophysiology_browserEPSS 0.3%CVE-2025-8406MEDIUMPath Traversal in zenml-io/zenmlEPSS 0.3%CVE-2018-25421HIGHOpen STA Manager 2.3 Arbitrary File Download via Path TraversalEPSS 0.3%CVE-2024-2045MEDIUMSession 1.17.5 - LFR via chat attachmentEPSS 0.3%CVE-2026-14783MEDIUMNousResearch hermes-agent skills_tool.py skill_view path traversalEPSS 0.3%CVE-2025-62856LOWFile Station 5EPSS 0.3%CVE-2023-2110HIGHObsidian Local File DisclosureEPSS 0.3%CVE-2026-40163HIGHSaltcorn has an Unauthenticated Path Traversal in sync endpoints allows arbitrary file write and directory readEPSS 0.3%CVE-2026-14500MEDIUMBulk Order Update for WooCommerce <= 1.6 - Unauthenticated Arbitrary File Read via 'csv_url' ParameterEPSS 0.3%