CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

8,747 vulnerabilities with CWE-22
CVE-2026-20148 MEDIUM
Cisco Identity Services Engine Path Traversal Vulnerability
CVSS 4.9
CVE-2026-40090 HIGH
Zarf has a Path Traversal via Malicious Package Metadata.Name — Arbitrary File Write
CVSS 7.1
CVE-2026-39399 CRITICAL
NuGet Gallery: Arbitrary Blob Overwrite via Nuspec Confusion and URI Fragment Truncation
CVSS 9.6
CVE-2026-35031 CRITICAL
Jellyfin: Potential RCE via subtitle upload path traversal + .strm chain
CVSS 9.9
CVE-2026-34619 HIGH
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 7.7
CVE-2026-27305 HIGH
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVSS 8.6
CVE-2026-2399 MEDIUM
Schneider Electric PowerChute™ Serial Shutdown - Path Traversal
CVSS 6.1
CVE-2026-25691 MEDIUM
Fortinet FortiSandbox PaaS < 5.0.4 - Path Traversal
CVSS 6.7
CVE-2026-22573 MEDIUM
Fortinet FortiSOAR On-premise < 7.6.3 - Path Traversal
CVSS 6.5
CVE-2026-33929 MEDIUM
Apache PDFBox Examples: Path Traversal in PDFBox ExtractEmbeddedFiles Example Code
CVSS 4.3
CVE-2026-6227 HIGH
BackWPup <= 5.6.6 - Authenticated (Administrator+) Local File Inclusion via 'block_name' Parameter
CVSS 7.2
CVE-2026-22562 CRITICAL
Ubiquiti INC UniFi Play PowerAmp < 1.0.38 - Remote Code Execution
CVSS 9.8
CVE-2026-32146 MEDIUM
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
CVE-2026-3689 MEDIUM
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
CVSS 6.5
CVE-2026-40180 HIGH
Zip Slip Path Traversal in quarkus-openapi-generator ApicurioCodegenWrapper class
CVE-2026-40163 HIGH
Saltcorn has an Unauthenticated Path Traversal in sync endpoints that allows arbitrary file write and directory read
CVSS 8.2
CVE-2026-31939 HIGH
Path Traversal (Arbitrary File Delete) in Chamilo LMS
CVSS 8.3
CVE-2026-40157 CRITICAL
PraisonAI is affected by arbitrary file write via path traversal in `praisonai recipe unpack`
CVE-2026-40086 MEDIUM
Rembg has a Path Traversal via Custom Model Loading
CVSS 5.3
CVE-2026-35668 HIGH
OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters
CVSS 7.7
CVE-2026-6057 CRITICAL
Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution
CVSS 9.8
CVE-2026-6024 HIGH
Tenda i6 HTTP R7WebsSecurityHandler function path traversal
CVSS 7.3
CVE-2026-5998 MEDIUM
zhayujie chatgpt-on-wechat CowAgent API Memory Content Endpoint service.py dispatch path traversal
CVSS 5.3
CVE-2026-4351 HIGH
Perfmatters <= 2.5.9 - Authenticated (Subscriber+) Arbitrary File Overwrite via 'snippets' Parameter
CVSS 8.1
CVE-2026-40152 MEDIUM
PraisonAIAgents has a Path Traversal via Unvalidated Glob Pattern in list_files that Bypasses Workspace Boundary
CVSS 5.3
Details
Vulnerabilities 8,747
Exploit Likelihood High