Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,125 vulnerabilities with CWE-22

CVE-2026-29190 MEDIUM

aiven/karapace < 6.0.0 - Path Traversal via Backup Reader

CVE-2026-29185 LOW

Backstage Integration < 1.20.1 - Path Traversal via Encoded SCM URL

CVE-2026-30828 HIGH

wallos < 4.6.2 - Server-Side Request Forgery via URL Parameter

CVE-2026-27139 LOW

File.ReadDir/Readdir - Path Traversal

CVE-2026-29790 MEDIUM

dbt-common <1.34.2/1.37.3 - Path Traversal

CVE-2026-29064 HIGH

Zarf 0.54.0-0.73.0 - Path Traversal

CVE-2026-29059 HIGH

Windmill < 1.603.3 - Unauthenticated Path Traversal via Get Log File Endpoint

CVE-2026-29065 CRITICAL

changedetection.io <0.54.4 - Path Traversal

CVE-2026-28800 MEDIUM

Natro Macro <1.1.0 - Unauthenticated RCE

CVE-2026-28795 CRITICAL

OpenChatBI < 0.2.2 - Path Traversal via File Format Parameter

CVE-2026-28679 HIGH

Home-Gallery.org <1.21.0 - Path Traversal

CVE-2026-28676 HIGH

OpenSift <1.6.3-alpha - Path Traversal

CVE-2026-28429 HIGH

Talishar < 6be3871a14c192d1fb8146cdbc76f29f27c1cf48 - Path Traversal via gameName Parameter

CVE-2026-26124 MEDIUM

Microsoft ACI Confidential Containers - Privilege Escalation

CVE-2026-28486 MEDIUM

OpenClaw 2026.1.16-2 - Path Traversal

CVE-2026-28482 HIGH

OpenClaw <2026.2.12 - Path Traversal

CVE-2026-28462 HIGH

OpenClaw <2026.2.13 - Path Traversal

CVE-2026-28457 MEDIUM

OpenClaw <2026.2.14 - Path Traversal

CVE-2026-28453 HIGH

OpenClaw <2026.2.14 - Path Traversal

CVE-2026-28447 HIGH

OpenClaw 2026.1.29-beta.1-2026.2.1 - Path Traversal

CVE-2026-28393 HIGH

OpenClaw <2026.2.14 - Path Traversal

CVE-2026-24457 CRITICAL

Eclipse Open Message Queue < 6.5.1 - Path Traversal and Remote Code Execution via Configuration Parsing

CVE-2026-28538 MEDIUM

Certificate Management Module - Path Traversal

CVE-2026-2743 CRITICAL

SeppMail <=15.0.2.1 - Path Traversal to RCE

CVE-2026-28078 MEDIUM

Stylemix uListing <=2.2.0 - Path Traversal

Previous Page 31 of 365 Next

Details

Vulnerabilities 9,125

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy