Fallos del tipo CWE-22
4857 resultadosCVE-2026-39306HIGHPraisonAI recipe registry pull path traversal writes files outside the chosen output directoryEPSS 0.3%CVE-2026-32262MEDIUMCraft CMS has a Path Traversal Vulnerability in AssetsControllerEPSS 0.3%CVE-2026-27800HIGHZed has Zip Slip Path Traversal in Extension Archive ExtractionEPSS 0.3%CVE-2025-49089MEDIUMwangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd.EPSS 0.3%CVE-2024-40712HIGHA path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege esEPSS 0.3%CVE-2025-6210MEDIUMHardlink-Based Path Traversal in run-llama/llama_indexEPSS 0.3%CVE-2025-36597MEDIUMDell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path TraveEPSS 0.3%CVE-2025-65076HIGHArbitrary File Read and Delete via Path Traversal in WaveStore ServerEPSS 0.3%CVE-2026-46397MEDIUMhaxcms-php Local File Inclusion via saveOutline API Location Parameter v2.0EPSS 0.3%CVE-2023-47541MEDIUMAn improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.2EPSS 0.3%CVE-2026-10278MEDIUMishayoyo excel-mcp read_file/write_file index.ts path traversalEPSS 0.3%CVE-2026-11847MEDIUMIntegration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File DeletionEPSS 0.3%CVE-2026-39977HIGHflatpak-builder has a path traversal leading to arbitrary file read on host when installing licence filesEPSS 0.3%CVE-2026-26960HIGHnode-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in ExtractionEPSS 0.3%CVE-2026-7715MEDIUMravenwits mcp-server-arangodb MCP tools.ts arango_backup path traversalEPSS 0.3%CVE-2026-7738MEDIUMpuchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversalEPSS 0.3%CVE-2025-48394MEDIUMAn attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limitedEPSS 0.3%CVE-2026-27735MEDIUMmcp-server-git : Path traversal in git_add allows staging files outside repository boundariesEPSS 0.3%CVE-2026-34730MEDIUMCopier `_external_data` allows path traversal and absolute-path local file read without unsafe modeEPSS 0.3%CVE-2026-55699MEDIUMpnpm: reserved bin name deletes PNPM_HOME during global removeEPSS 0.3%