Weaknesses of type CWE-22

4,856 results
CVE-2026-7766HIGHPath Traversal in Kenik camerasEPSS 0.3%CVE-2026-8770MEDIUMcontinuedev continue JSON-RPC Server lsTool.ts lsTool path traversalEPSS 0.3%CVE-2026-49246LOWJellyfin: Potential MKV attachment filename path traversal to RCEEPSS 0.3%CVE-2026-10601MEDIUMPath traversal in the Tempo and Loki data source pluginsEPSS 0.3%CVE-2026-34371MEDIUMLibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename TraversalEPSS 0.3%CVE-2026-48820MEDIUMCakePHP: View::element() is missing a path containment checkEPSS 0.3%CVE-2026-59194HIGHpnpm: patch-remove could delete project-selected files outside the patches directoryEPSS 0.3%CVE-2025-0694MEDIUMCODESYS Control V3 removable media path traversalEPSS 0.3%CVE-2026-59195HIGHpnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-configEPSS 0.3%CVE-2026-25603MEDIUMPath Traversal vulnerability in Linksys MR9600, Linksys MX4200EPSS 0.3%CVE-2026-43732MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS TahoEPSS 0.3%CVE-2023-4782MEDIUMTerraform Allows Arbitrary File Write During Init OperationEPSS 0.3%CVE-2026-35592MEDIUMpyLoad has an Incomplete Tar Path Traversal Fix in UnTar._safe_extractall via os.path.commonprefix BypassEPSS 0.3%CVE-2026-27523MEDIUMOpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf PathsEPSS 0.3%CVE-2025-8941HIGHLinux-pam: incomplete fix for cve-2025-6020EPSS 0.3%CVE-2025-63365HIGHSoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specEPSS 0.3%CVE-2025-43190MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26,EPSS 0.3%CVE-2023-42947HIGHA path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 aEPSS 0.3%CVE-2026-31802HIGHnode-tar Symlink Path Traversal via Drive-Relative LinkpathEPSS 0.3%CVE-2026-58171LOWVibe-Trading < 0.1.10 - Path Traversal via Swarm Run IdentifierEPSS 0.3%