CWE-22

Exploit likelihood: High

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,110 vulnerabilities with CWE-22
CVE-2026-41463 (HIGH, CVSS 8.8): ProjeQtor < 12.4.4 ZipSlip Path Traversal via uploadPlugin.php
CVE-2026-30351 (HIGH, CVSS 7.5): leonvanzyl autocoder 79d02a - Path Traversal
CVE-2026-7132 (MEDIUM, CVSS 5.3): code-projects Online Lot Reservation System download.php readfile path traversal
CVE-2026-7086 (MEDIUM, CVSS 4.3): HBAI-Ltd Toonflow-app Storyboard Export replaceUrl.ts updateStoryboardUrl path traversal
CVE-2026-7085 (MEDIUM, CVSS 5.0): HBAI-Ltd Toonflow-app downloadApp Endpoint downloadApp.ts z.url path traversal
CVE-2026-7059 (MEDIUM, CVSS 5.3): 666ghj MiroFish Query Parameter simulation.py get_simulation_posts path traversal
CVE-2026-7036 (HIGH, CVSS 7.3): Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal
CVE-2026-7024 (MEDIUM, CVSS 5.4): rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal
CVE-2026-7020 (LOW, CVSS 3.7): Ollama Tensor Model Transfer transfer.go digestToPath path traversal
CVE-2026-6968 (MEDIUM, CVSS 5.9): Multiple Path Traversal Variants in awslabs/tough
CVE-2026-41433 (HIGH, CVSS 8.4): OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
CVE-2026-41894 (HIGH): SiYuan < 3.6.5 - Double-Encoded Path Traversal
CVE-2026-41419 (HIGH, CVSS 7.6): 4ga Boards: Import Path Traversal Leads to Arbitrary File Read
CVE-2026-41140: Poetry < 2.3.4 - Path Traversal via Tarball Extraction
CVE-2026-33077 (HIGH, CVSS 7.5): Roxy-WI <8.2.6.4 oldconfig - Arbitrary File Read
CVE-2026-33076 (CRITICAL, CVSS 9.8): Roxy-WI vulnerable to path traversal and arbitrary file writing
CVE-2026-29051 (MEDIUM, CVSS 4.4): melange has Path Traversal via .PKGINFO in --persist-lint-results
CVE-2026-29050 (MEDIUM, CVSS 6.1): melange has Path Traversal When Resolving External Pipelines via Unvalidated pipeline[].uses
CVE-2026-6941 (MEDIUM, CVSS 6.6): radare2 < 6.1.4 Project Notes Path Traversal via Symlink
CVE-2026-6940 (HIGH, CVSS 7.1): radare2 < 6.1.4 Project Deletion Path Traversal Directory Deletion
CVE-2026-41205 (HIGH, CVSS 7.5): Mako: Path traversal via double-slash URI prefix in TemplateLookup
CVE-2026-6903 (HIGH, CVSS 7.5): Path Traversal Vulnerability in LabOne User Interface
CVE-2026-41211 (CRITICAL, CVSS 10.0): `vite-plus/binding` has path traversal `downloadPackageManager()` that leads to writes outside of `VP_HOME`
CVE-2026-41180 (HIGH, CVSS 7.5): PsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restart
CVE-2026-4917 (MEDIUM, CVSS 4.9): IBM Guardium Data Protection is affected by multiple vulnerabilities