Weaknesses of type CWE-22
4,856 resultsCVE-2026-3188MEDIUMfeiyuchuixue sz-boot-parent API templates path traversalEPSS 0.3%CVE-2026-54406HIGHA malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instancesEPSS 0.3%CVE-2025-36598MEDIUMDell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path TraveEPSS 0.3%CVE-2026-42598MEDIUMPode: Directory Traversal is possible on Static RoutesEPSS 0.3%CVE-2024-47267LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Archiving Pull functionality in Synology SurEPSS 0.3%CVE-2026-9035MEDIUMMultiple vulnerabilities in Aspera applications.EPSS 0.3%CVE-2026-35483MEDIUMtext-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authenticationEPSS 0.3%CVE-2026-47385MEDIUMNocoDB: Path Traversal via SQLite Source FilenameEPSS 0.3%CVE-2026-40084MEDIUMCacti: Arbitrary File Read via Path Traversal in Report `format_file` ParameterEPSS 0.3%CVE-2025-68921HIGHSteelSeries Nahimic 3 1.10.7 allows Directory traversal.EPSS 0.3%CVE-2026-40256MEDIUMWeblate: Prefix-Based Repository Boundary Check Bypass via Symlink/Junction Path Prefix CollisionEPSS 0.3%CVE-2026-25640HIGHPydantic AI affected by Stored XSS via Path Traversal in Web UI CDN URLEPSS 0.3%CVE-2026-45775MEDIUMDiscourse: Cross-site backup access via path traversal in multisite local backupsEPSS 0.3%CVE-2025-30470MEDIUMA path handling issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 1EPSS 0.3%CVE-2026-39345MEDIUMOrangeHRM Affected by Arbitrary File Read via Path Traversal in Email Template LoaderEPSS 0.3%CVE-2026-14636MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Vendor Image Manager AddProduct.php do_upload_others_images path traversalEPSS 0.3%CVE-2023-52544MEDIUMVulnerability of file path verification being bypassed in the email module.
Impact: Successful exploitation of this vulnerability may affectEPSS 0.3%CVE-2026-11467MEDIUMjishenghua jshERP addAccountHeadAndDetail Endpoint AccountHeadService.java path traversalEPSS 0.3%CVE-2026-34079HIGHFlatpak affected by arbitrary file deletion on the host filesystemEPSS 0.3%CVE-2026-33220MEDIUMWeblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repositoryEPSS 0.3%