CWE-22

Exploit likelihood: High

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,091 vulnerabilities with CWE-22
CVE-2026-34657 MEDIUM
CAI Content Credentials | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 5.5
CVE-2026-47932 HIGH
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 8.8
CVE-2026-36726 MEDIUM
bookcars 8.3 - Unauthenticated Arbitrary File Deletion via Directory Traversal
CVSS 5.3
CVE-2026-36723 HIGH
bookcars 8.3 - Authenticated Unrestricted File Rename and Directory Traversal via /api/create-user
CVSS 8.8
CVE-2026-49957 HIGH
Hermes WebUI < 0.51.269 Workspace Boundary Bypass via api/workspace.py
CVSS 7.7
CVE-2026-45482 HIGH
Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVSS 8.4
CVE-2026-45454 MEDIUM
Microsoft SharePoint Remote Code Execution Vulnerability
CVSS 6.5
CVE-2026-32193 HIGH
Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability
CVSS 8.8
CVE-2026-22926 HIGH
Omnissa Workspace One® Assist For macOS - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS 7.8
CVE-2026-49742 HIGH
TYPO3 CMS - Broken Access Control in Media Module
CVE-2026-49738 LOW
TYPO3 CMS - Broken Access Control in File Abstraction Layer
CVE-2026-52902 MEDIUM
Awxkit: path traversal via yaml !include directive
CVSS 4.7
CVE-2026-49818 MEDIUM
Apache Airflow Samba provider: Path traversal in GCSToSambaOperator via GCS object names
CVSS 6.5
CVE-2026-41972 MEDIUM
Huawei HarmonyOS - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS 5.4
CVE-2026-41843 MEDIUM
Spring Framework Path Traversal via Versioned Static Resources in Spring MVC and WebFlux
CVSS 5.9
CVE-2026-46484 HIGH
Headplane renameNode - Authenticated Path Traversal and RBAC Bypass
CVSS 8.1
CVE-2026-46486 MEDIUM
Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing
CVE-2026-41448 CRITICAL
AdGuard Home Authentication Bypass via Path Traversal in Admin-Token Cookie
CVSS 9.4
CVE-2026-25559 HIGH
OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint
CVSS 8.8
CVE-2026-49233 HIGH
Routinator cache path traversal using rogue rsync URIs
CVSS 7.5
CVE-2026-9506 HIGH
Webkul Bagisto v2.4.1 - Path Traversal
CVE-2026-11470 MEDIUM
hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal
CVSS 6.3
CVE-2026-11467 MEDIUM
jishenghua jshERP addAccountHeadAndDetail Endpoint AccountHeadService.java path traversal
CVSS 5.4
CVE-2026-11411 MEDIUM
iAI Lab PDF AI App chatpdf.pro getExternalCacheDir path traversal
CVSS 4.4
CVE-2026-9197 MEDIUM
Smart Slider 3 <= 3.5.1.36 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'src'/'srcset' Attribute in HTML Export
CVSS 4.9