Weaknesses of type CWE-22
4,856 resultsCVE-2026-2864MEDIUMfeng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversalEPSS 0.3%CVE-2026-6865HIGHImproper Limitation of a Pathname to a Restricted Directory Vulnerability on Multiple ProductsEPSS 0.3%CVE-2026-43872MEDIUMactual-server has a path traversal vulnerabilityEPSS 0.3%CVE-2026-0651MEDIUMPath Traversal on TP-Link Tapo D235 and C260 via Local httpsEPSS 0.3%CVE-2026-40605MEDIUMTautulli Vulnerable to Authenticated Path Traversal in Cache Deletion APIEPSS 0.3%CVE-2026-39405CRITICALFrappe has Path Transversal via SCORMEPSS 0.3%CVE-2024-6618HIGHPath Traversal in Ocean Data Systems Dream ReportEPSS 0.3%CVE-2026-30234MEDIUMOpenProject BIM BCF XML Import: <Snapshot> Path Traversal Leads to Arbitrary Local File Read (AFR)EPSS 0.3%CVE-2025-64235MEDIUMWordPress Tuturn plugin < 3.6 - Arbitrary File Download vulnerabilityEPSS 0.3%CVE-2026-23485MEDIUMBlinko: Unauthorized Path Traversal File Enumeration - music-metadataEPSS 0.3%CVE-2026-2606MEDIUMIBM webMethods API Management fails to validate user input and enables unauthorized arbitrary file readEPSS 0.3%CVE-2024-42680MEDIUMAn issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by enterinEPSS 0.3%CVE-2026-50567HIGHFission: Zip Slip in pkg/utils/zip.go:Unarchive allows fetcher to write outside the destination directoryEPSS 0.3%CVE-2025-67643MEDIUMJenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b_9517b_6b_202 and earlier does not correctly perform path validation of the workEPSS 0.3%CVE-2026-11470MEDIUMhs-web hsweb-framework File Upload FileUploadProperties.java denied path traversalEPSS 0.3%CVE-2022-39210LOWAccess to internal files of the Nextcloud Android appEPSS 0.3%CVE-2025-54292MEDIUMClient-Side Path Traversal in LXD-UIEPSS 0.3%CVE-2022-40264MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versioEPSS 0.3%CVE-2025-13876MEDIUMRareprob HD Video Player All Formats App com.rocks.music.videoplayer path traversalEPSS 0.3%CVE-2025-66206MEDIUMFrappe vulnerable to a path traversal allowing reading certain filesEPSS 0.3%