CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,116 vulnerabilities with CWE-22
CVE-2026-4853
MEDIUM
JetBackup <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter
CVSS 4.9
CVE-2026-6410
MEDIUM
@fastify/static vulnerable to path traversal in directory listing
CVSS 5.3
CVE-2026-40503
MEDIUM
OpenHarness Path Traversal Information Disclosure via /memory show
CVSS 6.5
CVE-2026-21726
MEDIUM
Loki Path Traversal - CVE-2021-36156 Bypass
CVSS 5.3
CVE-2026-40256
MEDIUM
Weblate: Prefix-Based Repository Boundary Check Bypass via Symlink/Junction Path Prefix Collision
CVSS 5.0
CVE-2026-34242
HIGH
Weblate: Arbitrary File Read via Symlink
CVSS 7.7
CVE-2026-33220
MEDIUM
Weblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repository
CVSS 6.8
CVE-2026-30996
HIGH
SAC-NFe 2.0.02 - Path Traversal via download.php GET Request
CVSS 7.5
CVE-2026-20180
CRITICAL
Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability
CVSS 9.9
CVE-2026-20148
MEDIUM
Cisco Identity Services Engine Path Traversal Vulnerability
CVSS 4.9
CVE-2026-40090
HIGH
Zarf 0.23.0-0.74.1 Package Metadata.Name - Arbitrary File Write
CVSS 7.1
CVE-2026-39399
CRITICAL
NuGet Gallery: Arbitrary Blob Overwrite via Nuspec Confusion and URI Fragment Truncation
CVSS 9.6
CVE-2026-35031
CRITICAL
Jellyfin: Potential RCE via subtitle upload path traversal + .strm chain
CVSS 9.9
CVE-2026-34619
HIGH
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 7.7
CVE-2026-27305
HIGH
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 8.6
CVE-2026-2399
MEDIUM
PowerChute Serial Shutdown < 1.5 - Path Traversal via /REST/upssleep Request
CVSS 6.1
CVE-2026-25691
MEDIUM
FortiSandbox 4.2.0-5.0.5 - Authenticated Path Traversal via HTTP Requests
CVSS 6.7
CVE-2026-22573
MEDIUM
FortiSOAR 7.3.0-7.6.3 - Authenticated Path Traversal via File Content Extraction
CVSS 6.5
CVE-2026-33929
MEDIUM
Apache PDFBox Examples: Path Traversal in PDFBox ExtractEmbeddedFiles Example Code
CVSS 4.3
CVE-2026-6227
HIGH
BackWPup <= 5.6.6 - Authenticated (Administrator+) Local File Inclusion via 'block_name' Parameter
CVSS 7.2
CVE-2026-22562
CRITICAL
UniFi Play PowerAmp < 1.0.38 and UniFi Play Audio Port < 1.1.9 - Path Traversal and Remote Code Execution
CVSS 9.8
CVE-2026-32146
HIGH
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
CVSS 7.8
CVE-2026-3689
MEDIUM
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
CVSS 6.5
CVE-2026-40180
HIGH
Zip Slip Path Traversal in quarkus-openapi-generator ApicurioCodegenWrapper class
CVSS 7.5
CVE-2026-40163
HIGH
Saltcorn Sync Endpoints - Unauthenticated Path Traversal
CVSS 8.2
Details
Vulnerabilities: 9,116
Exploit Likelihood: High