Weaknesses of type CWE-22

4,857 results
CVE-2026-57966MEDIUMSpice-vdagent: path traversal in file transfer via unsanitized filenameEPSS 0.1%CVE-2026-28457MEDIUMOpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name ParameterEPSS 0.1%CVE-2026-50207HIGHLocal Modem Manipulation via Binder InterfacesEPSS 0.1%CVE-2022-20505MEDIUMIn openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalatioEPSS 0.1%CVE-2026-59948HIGHComposer: Arbitrary file write outside vendor via malicious transitive package nameEPSS 0.1%CVE-2026-22926HIGHOmnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability.EPSS 0.1%CVE-2025-11565HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause elevated systemEPSS 0.1%CVE-2026-49219MEDIUMImageMagick: Policy Bypass can read disallowed filesEPSS 0.1%CVE-2026-20669MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An EPSS 0.1%CVE-2025-59890HIGHImproper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead intEPSS 0.1%CVE-2026-41124LOWDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.1%CVE-2026-35177MEDIUMPath traversal issue with zip.vim in VimEPSS 0.1%CVE-2026-47091MEDIUMClaude HUD 0.0.12 Path Traversal via transcript_pathEPSS 0.1%CVE-2026-54250MEDIUMK3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot DecompressionEPSS 0.1%CVE-2026-52902MEDIUMAwxkit: path traversal via yaml !include directiveEPSS 0.1%CVE-2026-9489HIGHNitroSense V3: Local Privilege Escalation (LPE) vulnerabilityEPSS 0.1%CVE-2025-54652HIGHPath traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2025-54653HIGHPath traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2026-8069HIGHPredatorSense V3: Local Privilege Escalation (LPE) vulnerabilityEPSS 0.1%CVE-2022-28784MEDIUMPath traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as EPSS 0.1%