Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,126 vulnerabilities with CWE-22

CVE-2026-20137 LOW

Splunk Enterprise <10.2.0 - Path Traversal

CVE-2026-2464 HIGH

AMR Printer Management 1.01 Beta - Path Traversal

CVE-2026-2426 MEDIUM

WP-DownloadManager <=1.69 - Path Traversal

CVE-2026-2419 LOW

WP-DownloadManager <=1.69 - Path Traversal

CVE-2026-2623 MEDIUM

Blossom < 1.17.1 - Path Traversal via BLOSManager File Upload

CVE-2026-22762 MEDIUM

Dell Avamar <19.10 SP1 - Path Traversal

CVE-2026-2552 MEDIUM

zentao < 21.7.8 - Path Traversal via editor/control.php filePath Argument

CVE-2026-2551 MEDIUM

zentao < 21.7.8 - Path Traversal via Backup Handler fileName Parameter

CVE-2026-1793 MEDIUM

Elementor <8.3.17 - Info Disclosure

CVE-2026-26187 HIGH

lakeFS < 1.77.0 - Authenticated Path Traversal and Arbitrary File Write via Local Block Adapter

CVE-2026-25964 MEDIUM

Tandoor Recipes <2.5.1 - Path Traversal

CVE-2026-21878 HIGH

BACnet Stack <1.5.0.rc3 - Path Traversal

CVE-2026-26217 HIGH

Crawl4AI < 0.8.0 - Unauthenticated Local File Inclusion via Docker API Endpoints

CVE-2026-20669 MEDIUM

macOS Tahoe <26.3 - Info Disclosure

CVE-2026-20660 HIGH

macOS Tahoe <26.3 - Info Disclosure

CVE-2026-20653 MEDIUM

macOS Tahoe <26.3 - Info Disclosure

CVE-2026-20625 MEDIUM

macOS <15.7.4, <26.3, <14.8.4 - Info Disclosure

CVE-2026-20615 HIGH

iPadOS < 26.3 - Path Traversal and Privilege Escalation

CVE-2026-20614 HIGH

macOS <15.7.4/<26.3/<14.8.4 - Privilege Escalation

CVE-2026-25062 MEDIUM

Outline < 1.4.0 - Path Traversal and Arbitrary File Read via JSON Import Attachment Key

CVE-2026-25869 HIGH

MiniGal Nano <0.3.5 - Path Traversal

CVE-2026-22894 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Path Traversal

CVE-2026-25872 MEDIUM

JUNG Smart Panel KNX <L1.12.22 - Path Traversal

CVE-2026-25992 HIGH

SiYuan < 3.5.5 - Path Traversal via Case-Insensitive Path Bypass

CVE-2026-0651 HIGH

TP-Link Tapo C260 v1, D235 v1, C520WS v2.6 - Path Traversal via URL-Encoded GET Requests

Previous Page 35 of 366 Next

Details

Vulnerabilities 9,126

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy