Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

391 vulnerabilities with CWE-23

CVE-2026-22070 HIGH

ColorOS Assistant Path Traversal Vulnerability

CVE-2026-7404 HIGH

getsimpletool mcpo-simple-server base_manager.py delete_shared_prompt path traversal

CVE-2026-33733 HIGH

EspoCRM has Admin TemplateManager path traversal that allows arbitrary file read write and delete

CVE-2026-5966 HIGH

TeamT5｜ThreatSonar Anti-Ransomware - Arbitrary File Deletion

CVE-2026-31927 MEDIUM

Anviz CX7 Firmware Relative Path Traversal

CVE-2026-33435 HIGH

Weblate: Remote code execution during backup restoration

CVE-2026-20081 MEDIUM

Cisco Unity Connection Arbitrary File Download Vulnerability

CVE-2026-20078 MEDIUM

Cisco Unity Connection Arbitrary File Download Vulnerability

CVE-2026-39814 MEDIUM

Fortinet FortiWeb < 8.0.2 - Path Traversal

CVE-2026-27489 HIGH

ONNX: Path Traversal via Symlink

CVE-2026-32725 HIGH

SciTokens C++: Relative Path Traversal Vulnerability

CVE-2026-31831 HIGH

Tautulli: Unauthenticated Path Traversal in `/newsletter/image/images` endpoint

CVE-2026-4415 HIGH

GIGABYTE｜Gigabyte Control Center - Arbitrary File Write

CVE-2026-33206 MEDIUM

calibre has a path traversal vulnerability

CVE-2026-33494 CRITICAL

Ory Oathkeeper has a path traversal authorization bypass

CVE-2026-27625 HIGH

Stirling-PDF Zip Slip: Arbitrary File Write via Path Traversal in Markdown-to-PDF ZIP Extraction

CVE-2026-29101 MEDIUM

SuiteCRM Vulnerable to Directory Traversal to DoS in Modules

CVE-2026-29098 MEDIUM

SuiteCRM has Relative Path Traversal via ModuleBuilder Modules ExportCustom Action

CVE-2026-30345 HIGH

CTFd v3.8.1-18-gdb5a18c4 - Path Traversal

CVE-2026-29778 HIGH

pyLoad 0.5.0b3.dev13-0.5.0b3.dev96 - Path Traversal

CVE-2026-21659 CRITICAL

Frick Controls Quantum HD <=10.22 - RCE

CVE-2026-27117 MEDIUM

bit7z <4.0.11 - Path Traversal

CVE-2026-27202 HIGH

GetSimple CMS - Arbitrary File Read

CVE-2026-2818 HIGH

Spring Data Geode - Path Traversal

CVE-2026-21620 LOW

Erlang OTP - Path Traversal

Page 1 of 16 Next

Details

Vulnerabilities 391

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy