Weaknesses of type CWE-22

4,856 results
CVE-2026-39377MEDIUMnbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment FilenamesEPSS 0.3%CVE-2026-10264MEDIUMlharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversalEPSS 0.3%CVE-2024-6281HIGHPath Traversal in parisneo/lollmsEPSS 0.3%CVE-2024-50559MEDIUMA vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM EPSS 0.3%CVE-2026-57346HIGHWordPress Embed Privacy plugin <= 1.12.3 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2024-27871MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app mayEPSS 0.3%CVE-2025-11221CRITICALRemote Code Execution in GTONE ChangeFlowEPSS 0.3%CVE-2026-12479MEDIUMPath Traversal in keras-team/kerasEPSS 0.3%CVE-2026-53480LOWDell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.3%CVE-2026-35487MEDIUMtext-generation-webui has a Path Traversal in load_prompt() — .txt file read without authenticationEPSS 0.3%CVE-2022-42280HIGHNVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead tEPSS 0.3%CVE-2026-59196HIGHpnpm: hoisted install imports lockfile alias outside node_modulesEPSS 0.3%CVE-2026-49339HIGHPath traversal in getPlaylist/deletePlaylist bypasses ownership check: any authenticated user can read or delete any other user's playlistEPSS 0.3%CVE-2026-29790LOWdbt-common: commonprefix() doesn't protect against path traversalEPSS 0.3%CVE-2026-39899MEDIUMCacti: Path Traversal via filename parameter in package_import.phpEPSS 0.3%CVE-2026-6829MEDIUMnesquena hermes-webui Arbitrary Workspace Directory AccessEPSS 0.3%CVE-2024-41938MEDIUMA vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web applicatEPSS 0.3%CVE-2025-62851MEDIUMLicense CenterEPSS 0.3%CVE-2025-15491MEDIUMPost Slides <= 1.0.1 - Contributor+ Local File InclusionEPSS 0.3%CVE-2026-61431MEDIUMPraisonAI before 4.6.78 Path Traversal via ContextGathererEPSS 0.3%