Fallos del tipo CWE-22
4856 resultadosCVE-2026-32147MEDIUMSFTP chroot bypass via path traversal in SSH_FXP_FSETSTATEPSS 0.4%CVE-2024-56179HIGHIn MindManager Windows versions prior to 24.1.150, attackers could potentially write to unexpected directories in victims' machines via direEPSS 0.4%CVE-2025-31411MEDIUMWordPress Linet ERP-Woocommerce Integration plugin <= 3.5.12 - Arbitrary File Read/Deletion vulnerabilityEPSS 0.4%CVE-2026-25328MEDIUMWordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2023-0593MEDIUMPath traversal in yaffshivEPSS 0.4%CVE-2025-13875MEDIUMYohann0617 oci-helper OCI Configuration Upload OciServiceImpl.java addCfg path traversalEPSS 0.4%CVE-2025-68862HIGHWordPress Woo File Dropzone plugin <= 1.1.7 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-64485MEDIUMCVAT: Mounted share file overwrite via crafted requestEPSS 0.4%CVE-2025-64346MEDIUMarchives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.4%CVE-2026-28078MEDIUMWordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-42574HIGHapko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build rootEPSS 0.4%CVE-2026-44641HIGHMicrosoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during installEPSS 0.4%CVE-2025-7488MEDIUMJoeyBling SpringBoot_MyBatisPlus download path traversalEPSS 0.4%CVE-2024-11615MEDIUMEnvolve Plugin <= 1.0 - Unauthenticated Language File DeletionEPSS 0.4%CVE-2026-52716MEDIUMWordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-3585HIGHThe Events Calendar <= 6.15.17 - Authenticated (Author+) Arbitrary File Read via ajax_create_importEPSS 0.4%CVE-2026-32116HIGHMagic Wormhole: "wormhole receive" allows arbitrary local file overwriteEPSS 0.4%CVE-2026-52797HIGHGogs: Overwriting critical files results in a denial of serviceEPSS 0.4%CVE-2025-13681MEDIUMBFG Tools – Extension Zipper <= 1.0.7 - Authenticated (Administrator+) Path Traversal via 'first_file' ParameterEPSS 0.4%CVE-2026-31939HIGHPath Traversal (Arbitrary File Delete) in Chamilo LMSEPSS 0.4%