Weaknesses of type CWE-22
4,856 resultsCVE-2024-34129HIGHAcrobat Android : OverSecured Finding : Overwriting arbitrary files via attacker-controlled output file pathsEPSS 0.3%CVE-2026-57079MEDIUMNet::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadataEPSS 0.3%CVE-2026-43901MEDIUMWireshark MCP: Arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configuredEPSS 0.3%CVE-2024-2602HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
Traversal') vulnerability exists that could result in remote codeEPSS 0.3%CVE-2025-11020HIGHRemote Code Execution in MarkAny SafePC EnterpriseEPSS 0.3%CVE-2024-45601HIGHLocal file Inclusion via static file serving functionality in MesopEPSS 0.3%CVE-2026-32711HIGHpydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set rootEPSS 0.3%CVE-2025-10723LOWPixelYourSite < 11.1.2 - Admin+ LFIEPSS 0.3%CVE-2026-44298MEDIUMKimai: Arbitrary file read in invoice PDF renderer (admin)EPSS 0.3%CVE-2026-28827CRITICALA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5,EPSS 0.3%CVE-2026-5051MEDIUMAudit Log Plugin Directory Guard Bypass via Legacy path OptionEPSS 0.3%CVE-2024-47273MEDIUMAn improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology HypEPSS 0.3%CVE-2026-48716HIGHnanobot: Path traversal via unsanitized WhatsApp document fileName enables arbitrary file writeEPSS 0.3%CVE-2025-8917MEDIUMPath Traversal Leading to Remote Code Execution in allegroai/clearmlEPSS 0.3%CVE-2026-9154HIGHArbitrary File Write in Rapid7 InsightConnect Sed PluginEPSS 0.3%CVE-2026-26228LOWVLC for Android < 3.7.0 Remote Access Path TraversalEPSS 0.3%CVE-2026-4502MEDIUMArbitrary File Write and Remote Code Execution Vulnerability in Langflow v2 APIEPSS 0.3%CVE-2026-0655MEDIUMPath Traversal on TP-Link Deco BE25EPSS 0.3%CVE-2026-20688CRITICALA path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS SEPSS 0.3%CVE-2026-44301MEDIUMHugo: Node tool execution allows file system access outside the project directoryEPSS 0.3%