Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

626 vulnerabilities with CWE-426

CVE-2025-4532 HIGH

Shanghai Bairui Information Technology SunloginClient 15.8.3.19819 ...

CVE-2025-4525 HIGH

Discord - Uncontrolled Search Path

CVE-2025-4455 HIGH

Patch My PC Home Updater <5.1.3.0 - Uncontrolled Search Path

CVE-2025-4272 HIGH

Mechrevo Control Console 1.0.2.70 - Uncontrolled Search Path

CVE-2025-27743 HIGH

Microsoft System Center Data Protecti... - Untrusted Search Path

CVE-2025-31480 CRITICAL

aiven-extras <1.1.16 - Privilege Escalation

CVE-2025-30407 MEDIUM

Acronis Cyber Protect Cloud Agent <39713 - Privilege Escalation

CVE-2025-1398 LOW

Mattermost Desktop < 5.11.0 - Untrusted Search Path

CVE-2025-29903 MEDIUM

JetBrains Runtime <21.0.6b872.80 - Code Injection

CVE-2025-27167 HIGH

Illustrator <29.2.1 - RCE

CVE-2025-1804 HIGH

Blizzard Battle.Net <2.39.0.15212 - Path Traversal

CVE-2025-1756 HIGH

mongosh <2.3.0 - Privilege Escalation

CVE-2025-1755 HIGH

MongoDB Compass <1.42.1 - Privilege Escalation

CVE-2025-1068 HIGH

Esri ArcGIS AllSource <1.2.1-1.3.1 - Privilege Escalation

CVE-2025-26624 MEDIUM

Rufus <4.6.2208 - Privilege Escalation

CVE-2025-1353 HIGH

Kong Insomnia <10.3.0 - Path Traversal

CVE-2025-24830 MEDIUM

Acronis Cyber Protect Cloud Agent <39378 - Privilege Escalation

CVE-2025-24829 MEDIUM

Acronis Cyber Protect Cloud Agent <39378 - Privilege Escalation

CVE-2025-24828 MEDIUM

Acronis Cyber Protect Cloud Agent <39378 - Privilege Escalation

CVE-2025-24827 MEDIUM

Acronis Cyber Protect Cloud Agent <39378 - Privilege Escalation

CVE-2025-0145 MEDIUM

Zoom Workplace Apps < - Privilege Escalation

CVE-2025-24789 HIGH

Snowflake Jdbc < 3.22.0 - Untrusted Search Path

CVE-2025-0733 MEDIUM

Postman <11.20 - Path Traversal

CVE-2025-0732 MEDIUM

Discord <1.0.9177 - Path Traversal

CVE-2025-0707 HIGH

Rise Group Rise Mode Temp CPU <2.1 - Path Traversal

Previous Page 4 of 26 Next

Details

Vulnerabilities 626

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy