CWE-23
Relative Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
370 vulnerabilities with CWE-23
CVE-2026-29778
HIGH
pyLoad 0.5.0b3.dev13-0.5.0b3.dev96 - Path Traversal
CVSS 7.1
CVE-2026-21659
CRITICAL
Frick Controls Quantum HD <=10.22 - RCE
CVSS 9.8
CVE-2025-62878
CRITICAL
Kubernetes - Path Traversal
CVSS 9.9
CVE-2026-27117
MEDIUM
bit7z <4.0.11 - Path Traversal
CVSS 5.5
CVE-2026-27202
HIGH
GetSimple CMS - Arbitrary File Read
CVSS 7.5
CVE-2026-2818
HIGH
Spring Data Geode - Path Traversal
CVSS 8.2
CVE-2026-21620
Erlang OTP - Path Traversal
CVE-2026-26362
HIGH
Dell Unisphere for PowerMax 10.2 - Path Traversal
CVSS 8.1
CVE-2025-58467
MEDIUM
Qsync Central <5.0.0.4 - Path Traversal
CVSS 6.5
CVE-2026-1762
LOW
GE Vernova Enervista <8.6 - File Manipulation
CVSS 2.9
CVE-2026-25951
HIGH
Frangoteam Fuxa < 1.2.11 - Path Traversal
CVSS 7.2
CVE-2026-25057
CRITICAL
MarkUs <2.9.1 - Path Traversal
CVSS 9.1
CVE-2025-22873
LOW
GO < 1.23.9 - Path Traversal
CVSS 3.8
CVE-2026-25575
HIGH
Navigatum < 2026-02-03 - Path Traversal
CVSS 7.5
CVE-2026-25121
HIGH
Chainguard.dev Apko < 1.1.0 - Path Traversal
CVSS 7.5
CVE-2026-24909
MEDIUM
Vltpkg Tar < 1.0.0-rc.10 - Path Traversal
CVSS 5.9
CVE-2026-23890
MEDIUM
pnpm <10.28.1 - Path Traversal
CVSS 6.5
CVE-2026-23888
MEDIUM
pnpm <10.28.1 - Path Traversal
CVSS 6.5
CVE-2026-1022
HIGH
Gotac Statistics Database System < 1.0.3 - Path Traversal
CVSS 7.5
CVE-2025-68472
HIGH
Mindsdb < 25.11.1 - Path Traversal
CVSS 8.1
CVE-2025-67366
HIGH
Sylphx Filesystem-mcp - Path Traversal
CVSS 7.5
CVE-2025-15225
HIGH
Sun.net Wmpro < 5.2 - Path Traversal
CVSS 7.5
CVE-2025-66737
MEDIUM
Yealink T21P_E2 Phone <52.84.0.15 - Path Traversal
CVSS 4.3
CVE-2025-57403
HIGH
Abelche Cola Dnslog - Path Traversal
CVSS 7.5
CVE-2025-15015
HIGH
Enterprise Cloud Database - Path Traversal
CVSS 7.5
Details
Vulnerabilities
370