Weaknesses of type CWE-73
466 resultsCVE-2026-30903CRITICALExternal Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to coEPSS 0.3%CVE-2026-34030MEDIUMImproper branch-code validation in Wertheim SafeController Software allows file path manipulationEPSS 0.3%CVE-2024-12861MEDIUMW2S – Migrate WooCommerce to Shopify <= 1.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.3%CVE-2020-37080HIGHwebTareas 2.0.p8 - Arbitrary File DeletionEPSS 0.3%CVE-2026-24287HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2020-37078HIGHi-doit Open Source CMDB 1.14.1 - Arbitrary File DeletionEPSS 0.3%CVE-2024-31492HIGHAn external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installEPSS 0.3%CVE-2026-53632MEDIUMNTLMv2 hash disclosure via UNC path handling on WindowsEPSS 0.3%CVE-2026-23521MEDIUMTraccar vulnerable to Path Traversal and External Control of File Name or PathEPSS 0.3%CVE-2026-41088HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-41412MEDIUMalf.io vulnerable to Arbitrary File Read and Exfil via simpleHttpClient Extension ScriptEPSS 0.3%CVE-2024-39303MEDIUMWeblate vulnerabler to improper sanitization of project backupsEPSS 0.3%CVE-2020-1984HIGHSecdo: Privilege escalation via hardcoded script pathEPSS 0.3%CVE-2026-35032HIGHJellyfin: Potential SSRF + Arbitrary file read via LiveTV M3U tunerEPSS 0.3%CVE-2026-42593MEDIUMGotenberg: Arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routesEPSS 0.3%CVE-2021-22539HIGHCode execution in VSCode-bazel via malicious Bazel config filesEPSS 0.3%CVE-2020-36868HIGHNagios XI < 5.7.3 Privilege escalation via Insecure getprofile.sh ScriptEPSS 0.3%CVE-2026-39378MEDIUMnbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image EmbeddingEPSS 0.3%CVE-2024-12267MEDIUMDrag and Drop Multiple File Upload – Contact Form 7 <= 1.3.8.5 - Limited Arbitrary File DeletionEPSS 0.3%CVE-2025-0202MEDIUMTCS BaNCS REPORTS_SHOW_FILE.jsp file inclusionEPSS 0.3%