CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,091 vulnerabilities with CWE-22
CVE-2026-45279
MEDIUM
Nextcloud Server 31.0.0-31.0.13 and 32.0.0-32.0.3 - Path Traversal via Template Directory Config
CVSS 4.4
CVE-2026-43624
HIGH
F5-TTS <= 1.1.20 - Unauthenticated Path Traversal and Arbitrary File Write via Gradio Project Name
CVSS 8.2
CVE-2026-10278
MEDIUM
ishayoyo excel-mcp <= 1.0.2 - Path Traversal via filePath/outputPath Argument
CVSS 6.3
CVE-2026-8643
MEDIUM
pip can extract console_scripts and gui_scripts outside installation directory
CVSS 5.5
CVE-2026-42679
MEDIUM
WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability
CVSS 6.5
CVE-2026-48866
CRITICAL
WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability
CVSS 9.6
CVE-2026-10264
LOW
lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal
CVSS 3.5
CVE-2026-48827
HIGH
Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git
CVSS 7.1
CVE-2026-40547
MEDIUM
Path Traversal in SOPlanning
CVE-2026-10213
MEDIUM
AstrBotDevs AstrBot API Endpoint delete path traversal
CVSS 5.4
CVE-2026-44650
CRITICAL
SillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS 9.1
CVE-2026-47179
HIGH
Arcane: Authenticated Arbitrary Host File Read via Docker Compose Include Directives in Arcane
CVSS 7.7
CVE-2026-45668
CRITICAL
Trilium Notes: Note Import to RCE via #docName Path Traversal (Safe Import Enabled)
CVE-2026-45661
CRITICAL
Dokploy: Remote Code Execution through Path Traversal
CVSS 9.9
CVE-2026-10108
HIGH
xiaomusic 0.5.7 Path Traversal via GET /music endpoint
CVSS 7.5
CVE-2026-39276
HIGH
Emlog Pro 2.6.9 - Authenticated Path Traversal and Arbitrary PHP Code Execution via Template Upload
CVSS 7.2
CVE-2026-46337
MEDIUM
WWBN AVideo: Unauthenticated Arbitrary Image Read via Path Traversal in `view/img/image404Raw.php`
CVSS 5.3
CVE-2026-45731
MEDIUM
WWBN AVideo: Authenticated Arbitrary File Read in view/update.php
CVSS 4.9
CVE-2026-9559
CRITICAL
Mautic 7 - Authenticated Path Traversal and Remote Code Execution via Campaign Import ZIP Extraction
CVSS 9.9
CVE-2026-44973
HIGH
Billy: Path traversal vulnerabilities
CVSS 8.1
CVE-2026-44885
MEDIUM
Portainer: Path traversal in backup archive extraction allows arbitrary file write
CVSS 5.5
CVE-2026-49128
HIGH
Music Player Daemon < 0.24.11 Path Traversal via LocalStorage URI Handling
CVSS 7.5
CVE-2026-33462
MEDIUM
Path Traversal in Kibana Leading to Unauthorized Deletion of User Accounts
CVSS 4.6
CVE-2026-32847
HIGH
DeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.py
CVSS 7.5
CVE-2026-4944
HIGH
Hardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security Control
CVSS 8.8
Details
Vulnerabilities: 9,091
Exploit Likelihood: High