CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit likelihood: High
Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory.

9,092 vulnerabilities with CWE-22 (CVSS score shown where the source lists one):
CVE-2026-27886 (HIGH, CVSS 7.5): Strapi may leak sensitive data via relational filtering due to lack of query sanitization
CVE-2026-44542 (CRITICAL, CVSS 9.1): FileBrowser Quantum: Unauthenticated Path Traversal in Public Share Delete Allows Arbitrary File Deletion
CVE-2026-42598 (MEDIUM): Pode: Directory Traversal is possible on Static Routes
CVE-2026-42593 (MEDIUM, CVSS 5.3): Gotenberg: Arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes
CVE-2026-42881 (HIGH): STIGQter: Arbitrary File Write leading to Local Code Execution via Export HTML
CVE-2026-6670 (MEDIUM, CVSS 6.5): Media Sync <= 1.4.9 - Authenticated (Author+) Path Traversal via 'sub_dir' and 'media_items' Parameters
CVE-2026-44440 (MEDIUM, CVSS 6.5): ERPNext: Path Traversal Leading to Sensitive File Exposure
CVE-2026-44437 (MEDIUM, CVSS 6.1): Angular SSR: Open Redirect and Request Steering via Encoded X-Forwarded-Prefix
CVE-2026-44373 (MEDIUM, CVSS 5.3): Nitro: Proxy scope bypass via percent-encoded path traversal in `routeRules`
CVE-2026-42549 (MEDIUM, CVSS 4.4): Flight: Path traversal in `make:controller` CLI creates arbitrary directories outside project root
CVE-2026-22677 (MEDIUM, CVSS 6.5): Hermes WebUI < 0.51.44 - Release T Path Traversal via Session Import Endpoint
CVE-2026-6282 (HIGH, CVSS 8.1): Lenovo Personal Cloud T2s - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-42780 (MEDIUM, CVSS 4.9): BIG-IP SSL Orchestrator - Authenticated Path Traversal and Arbitrary File Write
CVE-2026-31156 (MEDIUM, CVSS 6.5): OpenPLC v3 - Path Traversal via Command Line File Path Parameters
CVE-2026-20916 (HIGH, CVSS 8.1): BIG-IQ 8.4.0 - Authenticated Arbitrary File Write via iControl REST Endpoint
CVE-2026-45225 (HIGH, CVSS 7.6): Heym < 0.0.21 Path Traversal File Upload via upload_file()
CVE-2026-44307 (HIGH): Mako: Path traversal via backslash URI on Windows in TemplateLookup
CVE-2026-44301 (HIGH, CVSS 8.1): Hugo: Node tool execution allows file system access outside the project directory
CVE-2026-42196 (CRITICAL): django-s3file: Relative path traversal
CVE-2026-7474 (HIGH, CVSS 8.8): Nomad vulnerable to path traversal in dynamic host volume which may lead to code execution
CVE-2026-44225 (CRITICAL, CVSS 9.3): Pulpy: Incomplete filesystem sandbox in pulpy.fs bridge allows packaged web apps to read arbitrary user files
CVE-2026-34653 (HIGH, CVSS 8.7): Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVE-2026-34664 (MEDIUM, CVSS 6.3): Substance3D - Designer | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVE-2026-42048 (CRITICAL, CVSS 9.6): Langflow: Path Traversal in Langflow Knowledge Bases API
CVE-2026-41612 (MEDIUM, CVSS 5.5): Visual Studio Code Information Disclosure Vulnerability