CWE-24

Path Traversal: '../filedir'

Parent: CWE-23 - Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize "../" sequences that can resolve to a location that is outside of that directory.

108 vulnerabilities with CWE-24
CVE-2026-33431 MEDIUM
Roxy-WI Vulnerable to Authenticated Arbitrary File Read via Path Traversal in Config Version Viewer
CVSS 6.5
CVE-2026-40318 HIGH
SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView`
CVSS 8.5
CVE-2026-41082 HIGH
OCaml opam <2.5.1 - Path Traversal
CVSS 7.3
CVE-2026-39813 CRITICAL
Fortinet FortiSandbox < 5.0.5 - Path Traversal
CVSS 9.8
CVE-2026-28538 MEDIUM
Certificate Management Module - Path Traversal
CVSS 5.9
CVE-2026-28427 HIGH
OpenDeck <2.8.1 - Path Traversal
CVSS 7.5
CVE-2026-21857 MEDIUM
Redaxo < 5.20.2 - Path Traversal
CVSS 6.5
CVE-2026-21436 MEDIUM
eopkg <4.4.0 - Path Traversal
CVSS 5.5
CVE-2025-67364 HIGH
Efforthye Fast-filesystem-mcp - Path Traversal
CVSS 7.5
CVE-2025-68430 MEDIUM
CVAT <2.52.0 - Info Disclosure
CVSS 4.3
CVE-2025-67845 MEDIUM
Mintlify < 2025-11-15 - Path Traversal
CVSS 6.4
CVE-2025-61318 CRITICAL
Emlog Pro 2.5.20 - Path Traversal
CVSS 9.1
CVE-2025-51661 HIGH
Lanol Filecodebox < 2.2 - Path Traversal
CVSS 7.5
CVE-2025-13199 MEDIUM
Fabian Email Logging Interface - Path Traversal
CVSS 5.3
CVE-2025-63298 HIGH
SourceCodester Pet Grooming Mgmt <1.0 - Path Traversal
CVSS 8.2
CVE-2025-60344 HIGH
D-Link DSR - Local File Inclusion
CVSS 8.6
CVE-2025-57618 HIGH
FastX3 <3.3.67 - Path Traversal
CVSS 7.3
CVE-2025-57563 MEDIUM
StarNet Communications Corporation FastX <4.1.51 - Path Traversal
CVSS 6.5
CVE-2025-61189 MEDIUM
Jeecgboot <3.8.2 - Path Traversal
CVSS 6.3
CVE-2025-61188 MEDIUM
Jeecgboot <3.8.2 - Path Traversal
CVSS 6.3
CVE-2025-59342 MEDIUM
esm.sh <136 - Path Traversal
CVE-2025-59049 HIGH
Mockoon Commons-server < 9.2.0 - Path Traversal
CVSS 7.5
CVE-2025-26427 MEDIUM
Google Android - Path Traversal
CVSS 4.4
CVE-2025-56760 MEDIUM
Memos - Path Traversal
CVSS 4.3
CVE-2025-46094 LOW
Liquidfiles < 4.1.2 - Path Traversal
CVSS 3.8
Details
Vulnerabilities 108
Links
MITRE CWE Entry Search this CWE With Exploits