Path Traversal
Monthly
Arbitrary file download in the WooCommerce Book Price WordPress plugin (versions 1.3 and earlier) allows remote attackers to retrieve arbitrary files from the underlying server filesystem via path traversal. The CVSS vector indicates network-reachable exploitation without authentication or user interaction, yielding high confidentiality impact with no integrity or availability effects. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Unauthenticated arbitrary file download in JoomUnited's WP Media Folder Addon WordPress plugin versions 4.0.1 and below allows remote attackers to retrieve arbitrary files from the underlying server via a path traversal weakness (CWE-22). The flaw is exploitable over the network without authentication or user interaction, exposing sensitive WordPress and server files such as wp-config.php. No public exploit identified at time of analysis, and the issue is not currently tracked in CISA KEV.
Arbitrary file deletion in QuantumCloud WPBot Pro WordPress Chatbot plugin versions 13.6.5 and earlier allows authenticated subscriber-level users to delete arbitrary files on the WordPress host via a path traversal flaw. With no public exploit identified at time of analysis, the issue still carries elevated risk because exploitation requires only the lowest-privilege WordPress role, which is auto-grantable on sites that allow open registration. Deleting files such as wp-config.php can trigger the WordPress install routine and lead to full site takeover.
Arbitrary file write via path traversal in SOLIDWORKS Visualize (bundled with SOLIDWORKS Desktop 2024 through 2026) allows remote attackers to place files at attacker-chosen locations on the server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote, unauthenticated exploitation with high impact across confidentiality, integrity, and availability. At time of analysis, no public exploit identified and the issue is not on the CISA KEV list.
Authenticated path traversal in Gogs self-hosted Git service (versions <= 0.13.4) allows any user with repository edit permissions to overwrite arbitrary files on the host filesystem via the diff preview endpoint, resulting in denial of service. By abusing the `git diff --output=<file>` flag through the `POST /:user/:repo/_preview/:branch/:path_to_file` handler and bypassing the standard library `path.Clean` filter, an attacker can corrupt critical files such as `gogs.db` or `app.ini`. Publicly available exploit code exists in the form of a detailed researcher write-up with payload examples, though no CISA KEV listing or active exploitation has been reported.
Arbitrary file read in Runtipi 4.9.1-4.9.3 exposes sensitive container secrets via symlink following in an unauthenticated app-store logo endpoint. An attacker who controls a Git-based app-store repository can embed a symbolic link as a marketplace logo file; because the path guard performs only lexical validation before Node.js reads the file, Runtipi resolves and returns the symlink target, potentially leaking /data/.env, JWT secrets, service credentials, and seed values to any unauthenticated requester. No public exploit code has been identified at time of analysis and the issue is not listed in CISA KEV; a vendor-confirmed fix is available in v4.10.0.
Arbitrary file deletion in evolution-data-server's addressbook file backend exposes host filesystem to manipulation by a Flatpak application with D-Bus access. The vulnerability exploits split validation logic: a crafted URI embedding directory traversal sequences (e.g., '../') is accepted without sufficient sanitization during contact creation or modification, but when the same URI is later processed at deletion time, a second, less restrictive check fails to catch the traversal - allowing files outside the intended addressbook directory to be removed. Critically, deletion of Flatpak override files could be leveraged to silently weaken sandbox restrictions for subsequent application runs. No public exploit has been identified at time of analysis.
Authorization bypass in Caddy web server on Windows allows unauthenticated remote attackers to access files in path-protected directories by substituting forward slashes with URL-encoded backslashes (%5C). The flaw stems from an inconsistency between Caddy's `path` matcher and `file_server` handler, where the matcher treats `\` as a literal character while Windows-native filesystem code treats it as a separator. A detailed proof-of-concept is published in the vendor advisory, though no public exploit identified at time of analysis in exploitation databases.
Arbitrary file write in Streambert Electron desktop app (versions ≤2.4.0) allows remote attackers to drop files anywhere the app process can write by serving a malicious subtitle ZIP archive. The subtitle extraction routine concatenates raw archive entry names to the destination path without sanitization, enabling classic Zip Slip path traversal that can be escalated to code execution by overwriting startup or configuration files. No public exploit identified at time of analysis, but the upstream advisory (GHSA-3q2x-3q9p-qwfc) and fix in v2.5.0 confirm the issue.
Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.
Unauthenticated arbitrary file download affects the 'WordPress & WooCommerce Scraper Plugin, Import Data from Any Site' plugin by Extendons in versions up to and including 1.0.7. Remote attackers can exploit a path traversal weakness (CWE-22) to retrieve arbitrary files from the underlying web server without any authentication, exposing sensitive data such as wp-config.php credentials. No public exploit identified at time of analysis, but the network-reachable, no-privilege CVSS profile (7.5) makes opportunistic mass-scanning by WordPress vulnerability scanners likely once disclosed.
Path manipulation in the LangGraph Python SDK (langgraph-sdk) version 0.3.14 and earlier lets caller-supplied identifier values containing URL-special characters redirect an HTTP request to a different resource — or resource type — than the SDK call intended. When applications forward untrusted, unvalidated identifiers into SDK methods and rely on upstream URL-prefix authorization, an attacker can reach, modify, or delete resources outside their authorization scope. There is no public exploit identified at time of analysis and EPSS is low (0.22%), but CVSS is rated 9.1 due to high confidentiality and integrity impact.
BYONM module resolution in Deno (≤ 2.7.11) allows path traversal via crafted `package.json` `main` fields, bypassing the `--allow-read` permission sandbox that is central to Deno's security model. A malicious npm package installed under a BYONM `node_modules` tree can cause `require()` to read and return the parsed contents of arbitrary JSON files outside the directory scope granted by `--allow-read`, while a direct `Deno.readTextFileSync()` call to the same path would be correctly blocked. No active exploitation is confirmed (not in CISA KEV), but a self-contained proof-of-concept was supplied by the reporter and is documented in the GitHub Security Advisory; real-world risk is meaningful in supply-chain scenarios where Deno's permission model is the primary isolation boundary.
Path traversal in FileBrowser Quantum (gtsteffaniak fork) versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allows holders of a public share link with AllowModify=true to move, copy, or rename arbitrary files within the share owner's source root by abusing the publicPatchHandler in backend/http/public.go. The flaw stems from filepath.Join collapsing ../ segments BEFORE the SanitizeUserPath check runs, an identical pattern to the previously patched DELETE endpoint (CVE-2026-44542). No public exploit identified at time of analysis, but the GHSA advisory documents the exact code path and the issue is rated CVSS 4.0 9.3 (Critical).
Remote command injection in ServerCo getssl 2.49 and prior allows an attacker who controls or tampers with ACME challenge responses (a malicious/compromised CA endpoint or on-path adversary) to write attacker-chosen file paths via tokens that violate RFC 8555 base64url constraints, typically yielding code execution as the privileged user that renews certificates. The issue was reported by runZero, fixed upstream in v2.50, and at the time of analysis there is no public exploit identified and the CVE is not listed in CISA KEV.
Untrusted search path execution in OpenClaw before 2026.5.2 allows a local low-privileged user to coerce maintenance task routines into invoking attacker-controlled executables in place of the intended trash command. By manipulating workspace-derived environment paths consumed during maintenance operations, an authenticated user can hijack command resolution and run arbitrary binaries in the OpenClaw process context. No public exploit identified at time of analysis, but VulnCheck has published a dedicated advisory describing the workspace-derived service path abuse.
Untrusted search path in OpenClaw versions prior to 2026.4.29 lets workspace-local .env files override the npm_execpath variable consulted by the install helper, redirecting bundled dependency installation to an attacker-controlled package-manager binary. An attacker who can place files in the workspace can hijack the runtime dependency setup step to compromise the build environment under the developer's identity, with no public exploit identified at time of analysis.
The Git node in n8n's workflow automation platform allows authenticated workflow editors to exfiltrate arbitrary host filesystem contents by supplying local paths as git repository sources in Clone or Push operations, bypassing the N8N_RESTRICT_FILE_ACCESS_TO sandbox entirely. Any git repository readable by the n8n process - including directories containing SSH keys, environment files, or database credentials - can be cloned into an allowed output path and read back through normal workflow outputs. No public exploit identified at time of analysis, but the attack complexity is genuinely low for any user holding workflow editing permissions, and vendor-confirmed patches are available in versions 1.123.48, 2.21.8, and 2.22.4.
Path traversal in Langflow's Knowledge Bases API (POST /api/v1/knowledge_bases) allows authenticated users to create directories and write controlled JSON files outside their designated storage boundary anywhere on the server filesystem. Versions up to and including langflow 1.8.4 (pip) are confirmed affected; the root cause is the unsanitized use of a user-supplied `name` field in path construction within `create_knowledge_base`. A public proof-of-concept is included in the GHSA advisory, lowering the exploitation bar considerably, though no CISA KEV listing confirms active widespread exploitation at time of analysis.
Arbitrary local file read in the Natural Language Toolkit (NLTK) Python library affects versions up to and including 3.9.4 via a decode-after-check flaw in nltk.data.load() when handling the nltk: URL scheme. Attackers who can influence resource identifiers passed to this function can bypass the _UNSAFE_NO_PROTOCOL_RE regex using URL-encoded separators (%2f) or traversal segments (%2e%2e), allowing reads of files such as /etc/passwd, /proc/self/environ, SSH keys, and application secrets. Publicly available exploit code exists via the GHSA-p4gq-832x-fm9v advisory, though no public exploit identified in CISA KEV at time of analysis.
Static file disclosure in Hono's serve-static middleware on Windows allows unauthenticated remote attackers to read files protected behind prefix-mounted middleware by submitting a URL-encoded backslash (%5C) in the request path. Hono versions prior to 4.12.25 are affected when deployed on Windows using the Node, Bun, or Deno adapters with an auth or access-control middleware guarding a static subtree. No public exploit or CISA KEV listing has been identified at time of analysis, but the attack primitive is trivially constructable from the public advisory.
Path traversal in Apache Airflow SFTP provider (apache-airflow-providers-sftp before 5.8.1) allows a malicious or compromised remote SFTP server to write files outside the configured local destination directory on the Airflow worker host. The root cause is that SFTPHook.retrieve_directory does not sanitize server-supplied directory-entry names before constructing local file paths, enabling traversal sequences to escape the intended destination. No exploit code has been publicly identified at time of analysis, but the attack requires no Airflow credentials - any deployment that downloads directories from an untrusted SFTP server is in scope.
Arbitrary file deletion in the WP Review Slider Pro WordPress plugin (versions up to and including 12.6.8) allows authenticated attackers with Subscriber-level access to delete arbitrary files on the underlying server, potentially escalating to remote code execution by removing files such as wp-config.php to trigger the WordPress setup flow. The flaw stems from missing capability checks on two AJAX handlers (wpfb_hide_review and wprp_save_review_admin) combined with a defective strpos()-based prefix check in wpfb_hidereview_ajax() that fails to neutralize path traversal sequences before calling unlink(). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; reported by Wordfence.
Parameter smuggling in python-multipart below 0.0.30 allows unauthenticated network attackers to present a different field name or filename to an upstream WAF, proxy, or gateway than the value actually delivered to the backend application. The root cause is that parse_options_header delegates to Python's email.message.Message, which silently applies RFC 2231/5987 extended parameter decoding - a behavior explicitly forbidden for multipart/form-data by RFC 7578 §4.2 - causing the extended value to override the plain parameter and bypass inspection logic. Concrete downstream consequences include circumventing filename-based upload controls and, where applications construct filesystem paths from the parsed filename without sanitization, achieving path traversal via decoded percent sequences such as ..%2F or injecting null bytes (%00) to confuse validators. No public exploit has been identified and the vulnerability is not in CISA KEV; CVSS 3.7 with AC:H reflects that exploitation requires a specific upstream inspector in the deployment topology.
Path traversal in the FastDup WordPress plugin through version 2.7.2 allows remote attackers to read or write arbitrary files outside the plugin's intended directory after a single user interaction, with confidentiality, integrity, and availability impacts extending to the WordPress host (scope-changed, CVSS 9.6). The flaw is unauthenticated per the CVSS vector but requires a victim to trigger the malicious request, and no public exploit identified at time of analysis. Disclosure originates from Patchstack's WordPress vulnerability research program.
Arbitrary file deletion in the WordPress WP User Manager plugin versions 2.9.16 and earlier allows authenticated subscriber-level users to delete arbitrary files on the underlying server via a path traversal flaw. Successful exploitation can corrupt the WordPress installation and, when wp-config.php is targeted, force the site into setup mode enabling a takeover chain. No public exploit identified at time of analysis, but the CVSS 9.9 rating and low privilege requirement make this a priority patch for affected sites.
Unauthenticated path traversal in the Shared Files WordPress plugin (versions 1.7.64 and earlier) allows remote attackers to read arbitrary files outside the plugin's intended directory scope on the underlying WordPress host. The flaw is reachable without authentication over the network and carries a CVSS 7.5 with high confidentiality impact, though no public exploit identified at time of analysis and the issue is not listed in CISA KEV. Disclosed by Patchstack, the bug primarily threatens sensitive files such as wp-config.php and other server-side secrets accessible to the web user.
Unauthenticated arbitrary file download in the WPC Product Options for WooCommerce WordPress plugin (versions ≤ 3.2.1) allows remote attackers to retrieve arbitrary files from the underlying server without any credentials. The flaw is a classic path traversal (CWE-22) reachable over the network at low complexity, and while no public exploit identified at time of analysis, the disclosure by Patchstack and trivial attack profile make opportunistic scanning likely against WooCommerce storefronts running this plugin.
Authenticated path traversal in the WP Customer Area WordPress plugin through version 8.3.4 allows users with low-privilege custom roles to escape intended directory boundaries and access or manipulate files outside the plugin's permitted scope. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N) indicates network-reachable exploitation by authenticated users with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Arbitrary file deletion in the Link Library WordPress plugin (versions 7.8.8 and earlier) allows authenticated contributors to delete arbitrary files on the server via a path traversal flaw. Reported by Patchstack and tracked as EUVD-2026-36986, the issue enables low-privileged authors of WordPress content to disrupt site availability by removing critical files such as wp-config.php; no public exploit identified at time of analysis.
Unauthenticated arbitrary file deletion in the WordPress plugin Contact Form Extender for Divi (versions <= 1.0.6) allows remote attackers to delete arbitrary files on the host filesystem via a path traversal flaw. Deletion of critical files such as wp-config.php can force WordPress into setup mode, enabling site takeover. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary file deletion in the Groundhogg WordPress plugin (versions 4.4 and earlier) allows authenticated users with the Sales Representative role to delete files outside the plugin's intended scope via a path traversal flaw. With no public exploit identified at time of analysis and a CVSS 7.7 driven by scope change and high availability impact, the issue threatens site integrity and uptime rather than data confidentiality. The vulnerability was disclosed by Patchstack and is tracked in the ENISA EUVD as EUVD-2026-36971.
Path traversal in the WordPress Download Monitor plugin (versions <= 5.1.9, by WP Chill) allows a network-accessible attacker with Author-level WordPress credentials to download arbitrary files from the server, achieving high confidentiality impact. The vulnerability (CWE-22) stems from improper sanitization of file paths within the plugin's download functionality, enabling directory traversal outside the intended file scope. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and no EPSS data was provided to quantify exploitation probability.
Arbitrary file deletion in Meta Box - WordPress Custom Fields Framework versions 5.11.1 and earlier exposes servers to filesystem damage through a path traversal flaw (CWE-22) accessible to WordPress Contributor-level users. By embedding traversal sequences in a crafted file deletion request, an authenticated Contributor can delete files outside the intended plugin directory, potentially reaching critical server or WordPress installation files. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at time of analysis; however, the scope-changed CVSS metric indicates that impact can extend beyond the WordPress application boundary to the underlying server filesystem.
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a path traversal flaw in the plugin import routine with file upload functionality to run arbitrary PHP as the web server user. Publicly available exploit code exists (published by Karma Insecurity / VulnCheck) demonstrating a race-condition-assisted bypass of sanitization, but the issue is not listed in CISA KEV and no public EPSS signal was provided. The high PR:H requirement limits attackers to those already holding administrator credentials or able to obtain them.
Arbitrary file disclosure in Vite's development server on Windows allows remote unauthenticated attackers to read sensitive files (such as `.env`, `*.pem`, `*.crt`) that are nominally protected by the `server.fs.deny` allowlist. The flaw stems from Windows-specific path-form quirks (NTFS Alternate Data Stream syntax `::$DATA` and 8.3 short filename aliases) that bypass deny-list normalization, and publicly available exploit code exists in the GHSA advisory. Only dev servers explicitly exposed to the network via `--host`/`server.host` are reachable.
Arbitrary source map file read in @babel/core allows an attacker who controls Babel's input source code to exfiltrate any source map file (.map) accessible to the process running Babel, provided the attacker can also read the compilation output and knows the target file path. This affects all @babel/core versions up to and including 7.29.0 and the 8.0.0 alpha/rc series prior to 8.0.0-rc.6. No public exploit is identified at time of analysis, and exploitation is constrained by three simultaneous conditions, but the vulnerability is significant in environments that compile untrusted or externally submitted code - such as online transpilers, CI/CD pipelines accepting external PRs, or multi-tenant build services.
Arbitrary file write via path traversal in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) allows an authenticated low-privileged attacker to create or overwrite any file on the underlying operating system by sending crafted HTTP requests to affected API endpoints. The vulnerability stems from insufficient validation of user-supplied input during the file upload process (CWE-22), and a successful exploit can serve as a reliable stepping stone to root-level privilege escalation on the management host. No public exploit has been identified at time of analysis, and the vulnerability is not currently listed in CISA KEV; however, the integrity impact combined with root escalation potential elevates real-world risk above the CVSS 6.5 Medium baseline.
WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the file_path parameter. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the delete_backup_file and. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path traversal in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) enables an authenticated user holding the settings_branches_manage privilege to embed directory traversal sequences in a newly created branch code, redirecting downstream file-write operations — covering uploaded files, profile pictures, and settings data — to attacker-chosen filesystem locations. The root cause is insufficient server-side validation of the branch code field at branch creation time; that tainted value later propagates into multiple file-path-generation routines across the application. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified; real-world impact is bounded by both the service account's write permissions and length restrictions on the branch code value.
Authenticated path traversal in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) - software used to manage vault rooms and safe deposit locker systems - allows any logged-in user to read arbitrary files from the host via the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. Successful exploitation exposes application log files (which may contain credentials or session data) and application binaries, enabling secondary attacks against the safe deposit locker infrastructure. No public exploit identified at time of analysis, and the issue was disclosed by SEC Consult Vulnerability Lab (SEC-VLab).
Path traversal in the Intelbras iNVU 7016 FT NVR web interface allows authenticated high-privilege remote users to read arbitrary files outside the intended syslog directory via the /RPC2_Loadfile/syslog/ endpoint. Affected firmware is version 3.004.00IB000.0.T Build 2025-09-26; the vendor has since released a patched firmware build (2026-05-29). No public exploit identified at time of analysis as KEV-confirmed active exploitation, but a public proof-of-concept writeup exists, elevating practical risk above baseline.
Path traversal in Microweber CMS up to version 2.0.20 exposes the unauthenticated `/api_nosession/thumbnail_img` endpoint to file system manipulation via the `cache_path_relative` parameter of the `userfiles_path` function. Remote, unauthenticated attackers can traverse outside the intended directory to read - and potentially write - files accessible to the web server process. A public proof-of-concept exploit is available and the vendor did not respond to responsible disclosure, meaning no patch exists at time of analysis.
Path traversal in Bludit 3.19.0's api/plugin.php endpoint allows remote attackers to escape the intended directory and access arbitrary files on the server via crafted requests. The CVSS 9.8 rating reflects unauthenticated network-based exploitation with high impact across confidentiality, integrity, and availability, and publicly available exploit code exists in a public gist, though EPSS remains low at 0.25%.
In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar(1) rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the desired extraction directory (to an attacker that can reach a tar decompression endpoint).
Directory traversal in Zhoros SuperBin v1.0.0 allows remote unauthenticated attackers to read or write files outside intended directories by uploading files whose names contain traversal sequences such as '../'. The flaw stems from inadequate sanitization of user-supplied filenames during file handling operations. Publicly available exploit code exists via a referenced GitHub gist, though there is no public exploit identified as weaponized at scale and the vulnerability is not listed in CISA KEV.
The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary `.php` files from the server, including configuration files that contain database credentials and authentication keys.
Privilege escalation in Grafana Operator (all versions ≤ 5.23) allows any user with Kubernetes RBAC permissions to create GrafanaDashboard or GrafanaLibraryPanel resources to steal the Kubernetes service account token of the operator manager pod. The jsonnet templating language, supported via spec.jsonnetLib, is evaluated unsandboxed inside the operator manager pod, enabling a path traversal payload to read sensitive files - including the mounted service account token - and exfiltrate it through the resulting dashboard output. No public exploit is identified at time of analysis, but successful exploitation yields cluster-level privilege escalation, reflected in the vendor-assigned CVSS 4.0 subsequent-system impact of SC:H/SI:H.
Arbitrary file read in the LWS Optimize WordPress plugin (versions up to and including 3.3.19) permits authenticated users with Editor-level access or above to retrieve any file readable by the web-server process, including sensitive files such as wp-config.php. The vulnerable `combine_current_css()` function blindly trusts stylesheet href values harvested from page HTML, resolves them to absolute filesystem paths, and passes them to `file_get_contents()` without enforcing a safe-directory boundary or a `.css` extension check - a classic CWE-22 path traversal pattern. No public exploit has been identified and the vulnerability is not listed in CISA KEV, but the attack path is straightforward given the source code is publicly accessible in the WordPress plugin repository.
Directory traversal in Allegra's exportReport method exposes arbitrary server-side files to authenticated remote attackers, operating in the context of the underlying service account. The flaw affects all tracked versions per the CPE wildcard (cpe:2.3:a:allegra:allegra:*), with Alltena's 9.0.0 release notes referencing the fix. No public exploit code or CISA KEV listing has been identified at time of analysis, and no EPSS data was provided, but the CVSS 6.5 rating reflects a meaningful confidentiality risk for any internet-facing Allegra deployment where user accounts may be broadly provisioned.
Arbitrary local file read in OpenClaw before 2026.4.7 lets authenticated Gateway operators holding the operator.write scope coerce the memory-wiki ingest feature into importing the contents of arbitrary local files. The flaw, reported by VulnCheck and tracked as GHSA-p2fh-f5fc-44hr, enables disclosure of sensitive host files (credentials, config, secrets) into wiki memory, but no public exploit identified at time of analysis and it is not listed in CISA KEV.
Zip-slip path traversal in filebrowser v2.63.5 and earlier (Linux-hosted) allows any authenticated user with Create permission to plant a file whose name contains URL-encoded Windows-style backslash traversal sequences (`%5C`). The Linux server stores the file with a literal backslash in its name, which `filepath.ToSlash()` silently ignores, and the archive download handler emits that name verbatim into zip/tar central directories. When a Windows victim downloads and extracts the archive using Explorer, 7-Zip, WinRAR, or .NET `ZipFile.ExtractToDirectory`, the extractor interprets `\` as a path separator and writes files to arbitrary locations outside the extraction directory - enabling arbitrary file write on the victim's Windows machine. No public exploit identified at time of analysis beyond the full PoC published in the GHSA advisory; EPSS is 0.03% (8th percentile), consistent with the two-party, victim-interaction requirement.
Symlink-following scope escape in File Browser (filebrowser/filebrowser v2 ≤ 2.63.13) lets a restricted, scoped user-and in the public-share case an unauthenticated recipient-read, overwrite, and share files outside their assigned directory whenever a symlink lexically inside their scope resolves to a target elsewhere on the server. The per-user BasePathFs root blocks lexical ../ traversal but the HTTP handlers dereference symlinks before serving, writing, or sharing, so any file the server process can reach is exposed. Publicly available proof-of-concept exploit code exists in the GHSA advisory; the issue is not in CISA KEV and EPSS is low (0.07%, 23rd percentile).
Unauthenticated path traversal in Nezha Monitoring (nezhahq/nezha) before 2.0.13 allows remote attackers to read arbitrary files from the dashboard host by abusing the NoRoute fallbackToFrontend handler. The handler matches the /dashboard prefix with strings.HasPrefix rather than a path-segment comparison, so a request like /dashboard../data/config.yaml is normalized by path.Join into the application's data directory and served by http.ServeFile. No public exploit identified at time of analysis, but the bypass is trivially reproducible from the disclosed root-cause writeup.
Path traversal in MISP's OrganisationsController::getOrgLogo allows a low-privileged authenticated user to read arbitrary .png or .svg files from outside the intended organisation logo directory by injecting traversal sequences into organisation-controlled fields such as the organisation name, id, or uuid. All MISP versions prior to the patch commit b865deb are affected across any deployment where untrusted accounts hold write access to organisation fields. No public exploit code or CISA KEV listing exists at time of analysis; however, the attack requires only low-privilege access and no user interaction, making it practically exploitable in typical multi-tenant MISP deployments.
Path traversal in Discourse's backup download handler allows an authenticated administrator on one site within a multisite deployment to retrieve backup archives belonging to a co-hosted site on the same server. Backup files typically contain full database dumps, private messages, user credentials, and email addresses, making cross-site access a serious trust-boundary violation. No public exploit has been identified and EPSS sits at 0.04% (12th percentile), reflecting the narrow exploitation conditions; vendor-released patches are available across all affected release trains.
Path traversal across multiple endpoints in Actual, the open-source self-hosted personal finance application, allows authenticated low-privilege users to write files outside intended server directories in all versions prior to 26.5.0. The CVSS 4.0 vector confirms network-accessible exploitation with low-privilege authentication required and impact limited to write operations on the vulnerable system only - no confidentiality or availability impact is indicated. No active exploitation has been confirmed (not in CISA KEV), and the EPSS score of 0.03% (8th percentile) reflects minimal observed exploitation interest at time of analysis.
Arbitrary file write in GeoServer's Master Password Dump web page allows an authenticated administrator to write attacker-controlled content to any absolute filesystem path the GeoServer process can write to, including JSP files in a Tomcat webapps directory. Because GeoServer enforces no maximum master password length, an admin can embed malicious JSP code into the master password and dump it to an executable location, escalating to remote code execution on the host. No public exploit identified at time of analysis and the issue is not in CISA KEV.
Arbitrary file write in Mattermost via path traversal affects versions 11.6.x ≤ 11.6.1, 11.5.x ≤ 11.5.4, and 10.11.x ≤ 10.11.15/10.11.16 when shared channels with federated peers are in use. An attacker who controls a federated Mattermost server can supply crafted FileInfo.Name values during file sync to write files to arbitrary locations in the target server's filestore. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Path traversal in Kedro 1.2.0 allows authenticated local users to read or overwrite files outside of versioned dataset directories by supplying a crafted version string. The flaw resides in `_get_versioned_path()` (kedro/io/core.py) and is also reachable via the `--load-versions` CLI parameter, with downstream risk of data poisoning and cross-tenant data exposure in orchestrated pipelines. No public exploit identified at time of analysis, and the issue is not on CISA KEV.
Unauthenticated arbitrary file upload in Amasty Order Attributes for Magento 2 before 4.0.0 lets remote attackers drop arbitrary files into the store's media directory without authentication, session validation, or cart context. Where the media directory permits PHP execution, this escalates to unauthenticated remote code execution; otherwise it enables stored XSS via HTML/SVG, malware hosting, and path-traversal writes outside the intended directory. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 9.3 and trivial preconditions make this a high-priority issue for any Magento 2 store running the extension.
Path traversal in IEI Integration Corp's iVEC TANK-XM811 Virtualization Edge Computer enables authenticated remote attackers to create directories at arbitrary system paths outside the application's intended scope. The flaw (CWE-22) resides in the network-accessible management interface, where user-supplied path input is not sufficiently sanitized before use in filesystem operations. No public exploit code or active exploitation has been identified at time of analysis, and the impact is constrained to unauthorized directory creation rather than file read, write, or code execution.
Arbitrary file deletion in IEI Integration Corp's iVEC-IEI Virtualization Edge Computer (Tank-XM811 platform) allows authenticated remote attackers to delete arbitrary system files or directories via path traversal, leading to data destruction and service disruption. The flaw was reported through Taiwan's TWCERT coordination process and carries a CVSS 4.0 base score of 7.2 (High) driven by integrity and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary file read via path traversal in IEI Integration Corp's iVEC TANK-XM811 edge computing platform exposes sensitive system files to privileged remote attackers. The CVSS 4.0 vector (AV:N/PR:H/VC:H) confirms network-accessible exploitation requiring high-privilege credentials, with full confidentiality impact on the vulnerable system and no integrity or availability impact. No public exploit code or CISA KEV listing is identified at time of analysis; the vulnerability was reported by Taiwan CERT (TWCERT) and affects all known firmware versions per CPE wildcard.
Information disclosure in Ubiquiti UniFi OS devices allows unauthenticated network-adjacent attackers to read sensitive data via a path traversal flaw (CWE-22). The high CVSS 8.6 score reflects a scope change with high confidentiality impact, indicating that disclosed data can affect resources beyond the vulnerable component itself. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Authenticated arbitrary code execution in CyberArk Privileged Session Manager (PSM) versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5 allows low-privileged users to escape intended boundaries through incomplete input validation combined with misconfigured folder permissions. Because PSM brokers privileged sessions to critical infrastructure, code execution here directly threatens vaulted credentials and downstream targets, making this a high-impact issue despite requiring authentication. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 8.7 reflects the severity of compromising a PAM component.
Path traversal in WsgiDAV 4.3.3 allows WebDAV clients to read, write, or delete files outside the configured filesystem share root when a sibling directory's name shares a prefix with the share root. The flaw lives in FilesystemProvider._loc_to_file_path(), which performs a string-prefix containment check instead of a path-boundary-aware one, and is reachable via URL-encoded dot segments such as /%2e%2e/. No public exploit is identified at time of analysis, but a proof-of-concept is described in the vendor advisory and a vendor-released patch exists (4.3.4).
Path traversal in OpenClaw before version 2026.4.25 allows attackers with workspace access to manipulate local package root resolution and load memory-core artifacts from attacker-controlled locations, leading to arbitrary code execution or sensitive data disclosure. The flaw stems from workspace state influencing artifact resolution paths (CWE-427, Uncontrolled Search Path Element). No public exploit identified at time of analysis, though VulnCheck has published a dedicated advisory describing the fake package root resolution technique.
Path traversal in Apple macOS prior to Sequoia 15.4 allows a locally-installed application to bypass directory path restrictions and read sensitive user data outside its permitted file system scope. The flaw (CWE-22) stems from insufficient validation of directory path components in macOS path parsing logic, enabling a rogue or compromised app running with standard user privileges to traverse into restricted locations. No public exploit code has been identified and the CVE is not listed in the CISA Known Exploited Vulnerabilities catalog; SSVC assessment confirms no known active exploitation at the time of this analysis.
Static file confinement bypass in @hapi/inert (npm, versions 4.0.0-7.1.0) allows remote unauthenticated attackers to read arbitrary files from sibling directories when those directories share a string prefix with the configured serve path. The flaw is a classic CWE-22 path traversal rooted in a faulty string-prefix comparison that fails to enforce a directory separator boundary, meaning a path like /app/static-secret incorrectly passes the confinement check for a serve root of /app/static. No public exploit code has been identified and this CVE is not in CISA KEV, but the attack itself - a single URL-encoded traversal request - is trivially simple once the precondition of a matching-prefix sibling directory is confirmed.
Path traversal in Perry (PerryTS) CLI versions before 0.5.1159 allows a malicious or compromised build server to write arbitrary files anywhere the Perry process can write, or exfiltrate arbitrary local files, by sending crafted artifact_name or download_path values in ArtifactReady WebSocket messages. No public exploit identified at time of analysis, but the upstream commit and tests confirm the issue and a patched release is available.
Path traversal in Keras archive extraction utilities prior to version 3.14.0 allows remote attackers to write files outside the intended extraction directory when a victim loads a malicious model archive. The flaw stems from validating archive member paths against the process current working directory rather than the actual extraction destination, which collapses to the filesystem root in common Docker, CI/CD, and Jupyter setups. No public exploit identified at time of analysis, but the upstream fix and a Huntr bounty disclosure make targeted exploitation against ML pipelines plausible.
Arbitrary file disclosure in Golem OEE MES (Neuron Soft) before 11.6.0 lets an unauthenticated attacker on the same local network read any file readable by the server process by manipulating HTTP request paths. Reported by CERT-PL with no public exploit identified at time of analysis, the issue is fixed in 11.6.0 and carries a CVSS 4.0 base score of 8.3 driven by adjacent-network access and high confidentiality impact extending beyond the application.
Path traversal in Spring Integration's FTP/SFTP/SMB inbound adapters allows a malicious or compromised remote file server to write attacker-controlled files outside the configured local directory on any client polling it, affecting versions 5.5.0-5.5.20, 6.3.0-6.3.14, 6.4.0-6.4.11, 6.5.0-6.5.8, and 7.0.0-7.0.4. The flaw inverts the usual trust model - the file-transfer client trusts the server's filename, enabling overwrite of arbitrary host files such as configuration, cron, or application JARs, which can escalate to code execution. No public exploit identified at time of analysis, but the issue is straightforward to weaponize once a hostile server endpoint is reachable.
Arbitrary code execution in Dulwich (pure-Python Git implementation) versions 0.23.2 through 1.2.4 allows a malicious upstream repository to drop executable files into a victim's .git/hooks/ directory during a recursive clone or submodule update. When the victim subsequently runs any git or dulwich command that invokes the planted hook, the attacker's code executes with the victim's privileges. No public exploit identified at time of analysis, though the technique mirrors the well-documented upstream Git flaws CVE-2024-32002 and CVE-2024-32004.
Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.
Arbitrary file write via path traversal in PDM (Python Development Master) package manager allows malicious wheels to write files outside the intended installation directory during package installation. The flaw exists in InstallDestination.write_to_fs() which overrode the safe base class path validation with an unvalidated os.path.join() call, affecting PDM versions up to and including 2.22.4. No public exploit identified at time of analysis, though the issue mirrors the previously disclosed Poetry CVE-2026-34591 of the same class.
Path traversal via crafted .7z archive in bit7z before v4.0.12 on POSIX platforms allows an attacker-controlled symlink to escape the extraction directory by exactly one level - up to the parent directory. Any archive entries extracted after the malicious symlink is placed will write attacker-controlled files to the parent of the intended output path, carrying the permissions of the extracting process. No public exploit has been identified at time of analysis and this CVE is not listed in CISA KEV; the vendor-confirmed fix ships in version 4.0.12.
Path traversal in Fission Kubernetes serverless framework prior to version 1.25.0 allows authenticated tenants to write files outside the intended extraction directory by submitting a crafted package archive. The fetcher sidecar (fission-fetcher) processes attacker-controlled Package.Spec.Source.URL or Deployment.URL archives via Unarchive in pkg/utils/zip.go, where filepath.Join was used without verifying the resolved path stayed under the destination, enabling cross-tenant file overwrite, tampering with mounted secret/config volumes, or overwriting the fetcher binary itself. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Arbitrary directory deletion in julien040/anyquery 0.4.4 and earlier allows an authenticated low-privileged bearer-token holder to delete any directory accessible to the server process by submitting a SQL query that invokes clear_plugin_cache with a path-traversal payload. The flaw stems from path.Join silently resolving '..' segments before os.RemoveAll, and publicly available exploit code exists in the GitHub Security Advisory GHSA-j9rx-rppg-6hh4. Verified impact includes irreversible deletion of files outside the intended $XDG_CACHE_HOME/anyquery/plugins/ cache root, producing data loss and denial of service.
Path traversal in Roxy-WI versions 8.2.6.4 and prior allows authenticated remote attackers to read arbitrary configuration files via the config_file_name and configver parameters. The vendor's attempted fix in commit d4d10006 is ineffective due to a logic error - it uses Python tuple-membership instead of substring containment - leaving all realistic '../' payloads unblocked, with no public exploit identified at time of analysis.
Arbitrary file write in kubev2v assisted-migration-agent allows an unauthenticated attacker on the same LAN to achieve code execution on the appliance by uploading a crafted gzipped tarball that bypasses path traversal checks via chained symlinks. The flaw resides in the VDDK tarball extraction routine (extractTarGz in internal/services/vddk.go) and has a high CVSS of 9.6 due to scope change and full CIA impact, though no public exploit has been identified at time of analysis.
Path traversal in Ghidra's IsfServer component (all versions before 12.2) allows remote unauthenticated attackers to enumerate filesystem paths and probe arbitrary files by connecting to TCP port 54321 and sending crafted protobuf messages. The root cause is unsanitized client-supplied namespace strings passed directly to filesystem operations, a CWE-22 defect. Given Ghidra's deployment context - security research, malware analysis, and reverse engineering of sensitive artifacts, often in high-value government and defense environments - successful exploitation could expose directory structures and sensitive file metadata on the analyst's workstation. No public exploit code has been identified and this vulnerability is not in CISA KEV at time of analysis.
Arbitrary file write in NSA's Ghidra reverse-engineering framework before version 12.0.4 allows attackers to escape the theme directory via Zip Slip path traversal sequences in malicious theme ZIP archives, leading to code execution or credential compromise. The flaw requires user interaction (importing the booby-trapped theme) and is exploited locally against the user running Ghidra. No public exploit identified at time of analysis, though the technique (Zip Slip) is well-documented and trivially reproducible.
Arbitrary file write in NSA Ghidra versions prior to 12.0.2 allows local attackers to achieve code execution by tricking a user into installing a malicious extension archive. The extension installer fails to sanitize ZIP entry names, enabling classic Zip Slip path traversal that writes files outside the intended extension directory. No public exploit identified at time of analysis, though the technique is well-documented and trivially reproducible.
Path traversal in Ghidra's SameDirDebugInfoProvider (versions before 12.1) enables filesystem probing and CRC32 hash leakage of arbitrary files when a user opens a crafted ELF binary during automatic DWARF analysis. The vulnerability stems from missing validation of filenames embedded in ELF .gnu_debuglink sections before those filenames are used to construct filesystem paths. No public exploit code is currently identified and it is not listed in CISA KEV, but the risk is notable for security researchers and reverse engineers who routinely analyze untrusted binaries.
Arbitrary file download in the WooCommerce Book Price WordPress plugin (versions 1.3 and earlier) allows remote attackers to retrieve arbitrary files from the underlying server filesystem via path traversal. The CVSS vector indicates network-reachable exploitation without authentication or user interaction, yielding high confidentiality impact with no integrity or availability effects. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Unauthenticated arbitrary file download in JoomUnited's WP Media Folder Addon WordPress plugin versions 4.0.1 and below allows remote attackers to retrieve arbitrary files from the underlying server via a path traversal weakness (CWE-22). The flaw is exploitable over the network without authentication or user interaction, exposing sensitive WordPress and server files such as wp-config.php. No public exploit identified at time of analysis, and the issue is not currently tracked in CISA KEV.
Arbitrary file deletion in QuantumCloud WPBot Pro WordPress Chatbot plugin versions 13.6.5 and earlier allows authenticated subscriber-level users to delete arbitrary files on the WordPress host via a path traversal flaw. With no public exploit identified at time of analysis, the issue still carries elevated risk because exploitation requires only the lowest-privilege WordPress role, which is auto-grantable on sites that allow open registration. Deleting files such as wp-config.php can trigger the WordPress install routine and lead to full site takeover.
Arbitrary file write via path traversal in SOLIDWORKS Visualize (bundled with SOLIDWORKS Desktop 2024 through 2026) allows remote attackers to place files at attacker-chosen locations on the server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote, unauthenticated exploitation with high impact across confidentiality, integrity, and availability. At time of analysis, no public exploit identified and the issue is not on the CISA KEV list.
Authenticated path traversal in Gogs self-hosted Git service (versions <= 0.13.4) allows any user with repository edit permissions to overwrite arbitrary files on the host filesystem via the diff preview endpoint, resulting in denial of service. By abusing the `git diff --output=<file>` flag through the `POST /:user/:repo/_preview/:branch/:path_to_file` handler and bypassing the standard library `path.Clean` filter, an attacker can corrupt critical files such as `gogs.db` or `app.ini`. Publicly available exploit code exists in the form of a detailed researcher write-up with payload examples, though no CISA KEV listing or active exploitation has been reported.
Arbitrary file read in Runtipi 4.9.1-4.9.3 exposes sensitive container secrets via symlink following in an unauthenticated app-store logo endpoint. An attacker who controls a Git-based app-store repository can embed a symbolic link as a marketplace logo file; because the path guard performs only lexical validation before Node.js reads the file, Runtipi resolves and returns the symlink target, potentially leaking /data/.env, JWT secrets, service credentials, and seed values to any unauthenticated requester. No public exploit code has been identified at time of analysis and the issue is not listed in CISA KEV; a vendor-confirmed fix is available in v4.10.0.
Arbitrary file deletion in evolution-data-server's addressbook file backend exposes host filesystem to manipulation by a Flatpak application with D-Bus access. The vulnerability exploits split validation logic: a crafted URI embedding directory traversal sequences (e.g., '../') is accepted without sufficient sanitization during contact creation or modification, but when the same URI is later processed at deletion time, a second, less restrictive check fails to catch the traversal - allowing files outside the intended addressbook directory to be removed. Critically, deletion of Flatpak override files could be leveraged to silently weaken sandbox restrictions for subsequent application runs. No public exploit has been identified at time of analysis.
Authorization bypass in Caddy web server on Windows allows unauthenticated remote attackers to access files in path-protected directories by substituting forward slashes with URL-encoded backslashes (%5C). The flaw stems from an inconsistency between Caddy's `path` matcher and `file_server` handler, where the matcher treats `\` as a literal character while Windows-native filesystem code treats it as a separator. A detailed proof-of-concept is published in the vendor advisory, though no public exploit identified at time of analysis in exploitation databases.
Arbitrary file write in Streambert Electron desktop app (versions ≤2.4.0) allows remote attackers to drop files anywhere the app process can write by serving a malicious subtitle ZIP archive. The subtitle extraction routine concatenates raw archive entry names to the destination path without sanitization, enabling classic Zip Slip path traversal that can be escalated to code execution by overwriting startup or configuration files. No public exploit identified at time of analysis, but the upstream advisory (GHSA-3q2x-3q9p-qwfc) and fix in v2.5.0 confirm the issue.
Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.
Unauthenticated arbitrary file download affects the 'WordPress & WooCommerce Scraper Plugin, Import Data from Any Site' plugin by Extendons in versions up to and including 1.0.7. Remote attackers can exploit a path traversal weakness (CWE-22) to retrieve arbitrary files from the underlying web server without any authentication, exposing sensitive data such as wp-config.php credentials. No public exploit identified at time of analysis, but the network-reachable, no-privilege CVSS profile (7.5) makes opportunistic mass-scanning by WordPress vulnerability scanners likely once disclosed.
Path manipulation in the LangGraph Python SDK (langgraph-sdk) version 0.3.14 and earlier lets caller-supplied identifier values containing URL-special characters redirect an HTTP request to a different resource — or resource type — than the SDK call intended. When applications forward untrusted, unvalidated identifiers into SDK methods and rely on upstream URL-prefix authorization, an attacker can reach, modify, or delete resources outside their authorization scope. There is no public exploit identified at time of analysis and EPSS is low (0.22%), but CVSS is rated 9.1 due to high confidentiality and integrity impact.
BYONM module resolution in Deno (≤ 2.7.11) allows path traversal via crafted `package.json` `main` fields, bypassing the `--allow-read` permission sandbox that is central to Deno's security model. A malicious npm package installed under a BYONM `node_modules` tree can cause `require()` to read and return the parsed contents of arbitrary JSON files outside the directory scope granted by `--allow-read`, while a direct `Deno.readTextFileSync()` call to the same path would be correctly blocked. No active exploitation is confirmed (not in CISA KEV), but a self-contained proof-of-concept was supplied by the reporter and is documented in the GitHub Security Advisory; real-world risk is meaningful in supply-chain scenarios where Deno's permission model is the primary isolation boundary.
Path traversal in FileBrowser Quantum (gtsteffaniak fork) versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allows holders of a public share link with AllowModify=true to move, copy, or rename arbitrary files within the share owner's source root by abusing the publicPatchHandler in backend/http/public.go. The flaw stems from filepath.Join collapsing ../ segments BEFORE the SanitizeUserPath check runs, an identical pattern to the previously patched DELETE endpoint (CVE-2026-44542). No public exploit identified at time of analysis, but the GHSA advisory documents the exact code path and the issue is rated CVSS 4.0 9.3 (Critical).
Remote command injection in ServerCo getssl 2.49 and prior allows an attacker who controls or tampers with ACME challenge responses (a malicious/compromised CA endpoint or on-path adversary) to write attacker-chosen file paths via tokens that violate RFC 8555 base64url constraints, typically yielding code execution as the privileged user that renews certificates. The issue was reported by runZero, fixed upstream in v2.50, and at the time of analysis there is no public exploit identified and the CVE is not listed in CISA KEV.
Untrusted search path execution in OpenClaw before 2026.5.2 allows a local low-privileged user to coerce maintenance task routines into invoking attacker-controlled executables in place of the intended trash command. By manipulating workspace-derived environment paths consumed during maintenance operations, an authenticated user can hijack command resolution and run arbitrary binaries in the OpenClaw process context. No public exploit identified at time of analysis, but VulnCheck has published a dedicated advisory describing the workspace-derived service path abuse.
Untrusted search path in OpenClaw versions prior to 2026.4.29 lets workspace-local .env files override the npm_execpath variable consulted by the install helper, redirecting bundled dependency installation to an attacker-controlled package-manager binary. An attacker who can place files in the workspace can hijack the runtime dependency setup step to compromise the build environment under the developer's identity, with no public exploit identified at time of analysis.
The Git node in n8n's workflow automation platform allows authenticated workflow editors to exfiltrate arbitrary host filesystem contents by supplying local paths as git repository sources in Clone or Push operations, bypassing the N8N_RESTRICT_FILE_ACCESS_TO sandbox entirely. Any git repository readable by the n8n process - including directories containing SSH keys, environment files, or database credentials - can be cloned into an allowed output path and read back through normal workflow outputs. No public exploit identified at time of analysis, but the attack complexity is genuinely low for any user holding workflow editing permissions, and vendor-confirmed patches are available in versions 1.123.48, 2.21.8, and 2.22.4.
Path traversal in Langflow's Knowledge Bases API (POST /api/v1/knowledge_bases) allows authenticated users to create directories and write controlled JSON files outside their designated storage boundary anywhere on the server filesystem. Versions up to and including langflow 1.8.4 (pip) are confirmed affected; the root cause is the unsanitized use of a user-supplied `name` field in path construction within `create_knowledge_base`. A public proof-of-concept is included in the GHSA advisory, lowering the exploitation bar considerably, though no CISA KEV listing confirms active widespread exploitation at time of analysis.
Arbitrary local file read in the Natural Language Toolkit (NLTK) Python library affects versions up to and including 3.9.4 via a decode-after-check flaw in nltk.data.load() when handling the nltk: URL scheme. Attackers who can influence resource identifiers passed to this function can bypass the _UNSAFE_NO_PROTOCOL_RE regex using URL-encoded separators (%2f) or traversal segments (%2e%2e), allowing reads of files such as /etc/passwd, /proc/self/environ, SSH keys, and application secrets. Publicly available exploit code exists via the GHSA-p4gq-832x-fm9v advisory, though no public exploit identified in CISA KEV at time of analysis.
Static file disclosure in Hono's serve-static middleware on Windows allows unauthenticated remote attackers to read files protected behind prefix-mounted middleware by submitting a URL-encoded backslash (%5C) in the request path. Hono versions prior to 4.12.25 are affected when deployed on Windows using the Node, Bun, or Deno adapters with an auth or access-control middleware guarding a static subtree. No public exploit or CISA KEV listing has been identified at time of analysis, but the attack primitive is trivially constructable from the public advisory.
Path traversal in Apache Airflow SFTP provider (apache-airflow-providers-sftp before 5.8.1) allows a malicious or compromised remote SFTP server to write files outside the configured local destination directory on the Airflow worker host. The root cause is that SFTPHook.retrieve_directory does not sanitize server-supplied directory-entry names before constructing local file paths, enabling traversal sequences to escape the intended destination. No exploit code has been publicly identified at time of analysis, but the attack requires no Airflow credentials - any deployment that downloads directories from an untrusted SFTP server is in scope.
Arbitrary file deletion in the WP Review Slider Pro WordPress plugin (versions up to and including 12.6.8) allows authenticated attackers with Subscriber-level access to delete arbitrary files on the underlying server, potentially escalating to remote code execution by removing files such as wp-config.php to trigger the WordPress setup flow. The flaw stems from missing capability checks on two AJAX handlers (wpfb_hide_review and wprp_save_review_admin) combined with a defective strpos()-based prefix check in wpfb_hidereview_ajax() that fails to neutralize path traversal sequences before calling unlink(). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; reported by Wordfence.
Parameter smuggling in python-multipart below 0.0.30 allows unauthenticated network attackers to present a different field name or filename to an upstream WAF, proxy, or gateway than the value actually delivered to the backend application. The root cause is that parse_options_header delegates to Python's email.message.Message, which silently applies RFC 2231/5987 extended parameter decoding - a behavior explicitly forbidden for multipart/form-data by RFC 7578 §4.2 - causing the extended value to override the plain parameter and bypass inspection logic. Concrete downstream consequences include circumventing filename-based upload controls and, where applications construct filesystem paths from the parsed filename without sanitization, achieving path traversal via decoded percent sequences such as ..%2F or injecting null bytes (%00) to confuse validators. No public exploit has been identified and the vulnerability is not in CISA KEV; CVSS 3.7 with AC:H reflects that exploitation requires a specific upstream inspector in the deployment topology.
Path traversal in the FastDup WordPress plugin through version 2.7.2 allows remote attackers to read or write arbitrary files outside the plugin's intended directory after a single user interaction, with confidentiality, integrity, and availability impacts extending to the WordPress host (scope-changed, CVSS 9.6). The flaw is unauthenticated per the CVSS vector but requires a victim to trigger the malicious request, and no public exploit identified at time of analysis. Disclosure originates from Patchstack's WordPress vulnerability research program.
Arbitrary file deletion in the WordPress WP User Manager plugin versions 2.9.16 and earlier allows authenticated subscriber-level users to delete arbitrary files on the underlying server via a path traversal flaw. Successful exploitation can corrupt the WordPress installation and, when wp-config.php is targeted, force the site into setup mode enabling a takeover chain. No public exploit identified at time of analysis, but the CVSS 9.9 rating and low privilege requirement make this a priority patch for affected sites.
Unauthenticated path traversal in the Shared Files WordPress plugin (versions 1.7.64 and earlier) allows remote attackers to read arbitrary files outside the plugin's intended directory scope on the underlying WordPress host. The flaw is reachable without authentication over the network and carries a CVSS 7.5 with high confidentiality impact, though no public exploit identified at time of analysis and the issue is not listed in CISA KEV. Disclosed by Patchstack, the bug primarily threatens sensitive files such as wp-config.php and other server-side secrets accessible to the web user.
Unauthenticated arbitrary file download in the WPC Product Options for WooCommerce WordPress plugin (versions ≤ 3.2.1) allows remote attackers to retrieve arbitrary files from the underlying server without any credentials. The flaw is a classic path traversal (CWE-22) reachable over the network at low complexity, and while no public exploit identified at time of analysis, the disclosure by Patchstack and trivial attack profile make opportunistic scanning likely against WooCommerce storefronts running this plugin.
Authenticated path traversal in the WP Customer Area WordPress plugin through version 8.3.4 allows users with low-privilege custom roles to escape intended directory boundaries and access or manipulate files outside the plugin's permitted scope. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N) indicates network-reachable exploitation by authenticated users with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Arbitrary file deletion in the Link Library WordPress plugin (versions 7.8.8 and earlier) allows authenticated contributors to delete arbitrary files on the server via a path traversal flaw. Reported by Patchstack and tracked as EUVD-2026-36986, the issue enables low-privileged authors of WordPress content to disrupt site availability by removing critical files such as wp-config.php; no public exploit identified at time of analysis.
Unauthenticated arbitrary file deletion in the WordPress plugin Contact Form Extender for Divi (versions <= 1.0.6) allows remote attackers to delete arbitrary files on the host filesystem via a path traversal flaw. Deletion of critical files such as wp-config.php can force WordPress into setup mode, enabling site takeover. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary file deletion in the Groundhogg WordPress plugin (versions 4.4 and earlier) allows authenticated users with the Sales Representative role to delete files outside the plugin's intended scope via a path traversal flaw. With no public exploit identified at time of analysis and a CVSS 7.7 driven by scope change and high availability impact, the issue threatens site integrity and uptime rather than data confidentiality. The vulnerability was disclosed by Patchstack and is tracked in the ENISA EUVD as EUVD-2026-36971.
Path traversal in the WordPress Download Monitor plugin (versions <= 5.1.9, by WP Chill) allows a network-accessible attacker with Author-level WordPress credentials to download arbitrary files from the server, achieving high confidentiality impact. The vulnerability (CWE-22) stems from improper sanitization of file paths within the plugin's download functionality, enabling directory traversal outside the intended file scope. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and no EPSS data was provided to quantify exploitation probability.
Arbitrary file deletion in Meta Box - WordPress Custom Fields Framework versions 5.11.1 and earlier exposes servers to filesystem damage through a path traversal flaw (CWE-22) accessible to WordPress Contributor-level users. By embedding traversal sequences in a crafted file deletion request, an authenticated Contributor can delete files outside the intended plugin directory, potentially reaching critical server or WordPress installation files. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at time of analysis; however, the scope-changed CVSS metric indicates that impact can extend beyond the WordPress application boundary to the underlying server filesystem.
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a path traversal flaw in the plugin import routine with file upload functionality to run arbitrary PHP as the web server user. Publicly available exploit code exists (published by Karma Insecurity / VulnCheck) demonstrating a race-condition-assisted bypass of sanitization, but the issue is not listed in CISA KEV and no public EPSS signal was provided. The high PR:H requirement limits attackers to those already holding administrator credentials or able to obtain them.
Arbitrary file disclosure in Vite's development server on Windows allows remote unauthenticated attackers to read sensitive files (such as `.env`, `*.pem`, `*.crt`) that are nominally protected by the `server.fs.deny` allowlist. The flaw stems from Windows-specific path-form quirks (NTFS Alternate Data Stream syntax `::$DATA` and 8.3 short filename aliases) that bypass deny-list normalization, and publicly available exploit code exists in the GHSA advisory. Only dev servers explicitly exposed to the network via `--host`/`server.host` are reachable.
Arbitrary source map file read in @babel/core allows an attacker who controls Babel's input source code to exfiltrate any source map file (.map) accessible to the process running Babel, provided the attacker can also read the compilation output and knows the target file path. This affects all @babel/core versions up to and including 7.29.0 and the 8.0.0 alpha/rc series prior to 8.0.0-rc.6. No public exploit is identified at time of analysis, and exploitation is constrained by three simultaneous conditions, but the vulnerability is significant in environments that compile untrusted or externally submitted code - such as online transpilers, CI/CD pipelines accepting external PRs, or multi-tenant build services.
Arbitrary file write via path traversal in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) allows an authenticated low-privileged attacker to create or overwrite any file on the underlying operating system by sending crafted HTTP requests to affected API endpoints. The vulnerability stems from insufficient validation of user-supplied input during the file upload process (CWE-22), and a successful exploit can serve as a reliable stepping stone to root-level privilege escalation on the management host. No public exploit has been identified at time of analysis, and the vulnerability is not currently listed in CISA KEV; however, the integrity impact combined with root escalation potential elevates real-world risk above the CVSS 6.5 Medium baseline.
WordPress Plugin HB Audio Gallery Lite 1.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the file_path parameter. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the delete_backup_file and. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path traversal in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) enables an authenticated user holding the settings_branches_manage privilege to embed directory traversal sequences in a newly created branch code, redirecting downstream file-write operations — covering uploaded files, profile pictures, and settings data — to attacker-chosen filesystem locations. The root cause is insufficient server-side validation of the branch code field at branch creation time; that tainted value later propagates into multiple file-path-generation routines across the application. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified; real-world impact is bounded by both the service account's write permissions and length restrictions on the branch code value.
Authenticated path traversal in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) - software used to manage vault rooms and safe deposit locker systems - allows any logged-in user to read arbitrary files from the host via the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. Successful exploitation exposes application log files (which may contain credentials or session data) and application binaries, enabling secondary attacks against the safe deposit locker infrastructure. No public exploit identified at time of analysis, and the issue was disclosed by SEC Consult Vulnerability Lab (SEC-VLab).
Path traversal in the Intelbras iNVU 7016 FT NVR web interface allows authenticated high-privilege remote users to read arbitrary files outside the intended syslog directory via the /RPC2_Loadfile/syslog/ endpoint. Affected firmware is version 3.004.00IB000.0.T Build 2025-09-26; the vendor has since released a patched firmware build (2026-05-29). No public exploit identified at time of analysis as KEV-confirmed active exploitation, but a public proof-of-concept writeup exists, elevating practical risk above baseline.
Path traversal in Microweber CMS up to version 2.0.20 exposes the unauthenticated `/api_nosession/thumbnail_img` endpoint to file system manipulation via the `cache_path_relative` parameter of the `userfiles_path` function. Remote, unauthenticated attackers can traverse outside the intended directory to read - and potentially write - files accessible to the web server process. A public proof-of-concept exploit is available and the vendor did not respond to responsible disclosure, meaning no patch exists at time of analysis.
Path traversal in Bludit 3.19.0's api/plugin.php endpoint allows remote attackers to escape the intended directory and access arbitrary files on the server via crafted requests. The CVSS 9.8 rating reflects unauthenticated network-based exploitation with high impact across confidentiality, integrity, and availability, and publicly available exploit code exists in a public gist, though EPSS remains low at 0.25%.
In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar(1) rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the desired extraction directory (to an attacker that can reach a tar decompression endpoint).
Directory traversal in Zhoros SuperBin v1.0.0 allows remote unauthenticated attackers to read or write files outside intended directories by uploading files whose names contain traversal sequences such as '../'. The flaw stems from inadequate sanitization of user-supplied filenames during file handling operations. Publicly available exploit code exists via a referenced GitHub gist, though there is no public exploit identified as weaponized at scale and the vulnerability is not listed in CISA KEV.
The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary `.php` files from the server, including configuration files that contain database credentials and authentication keys.
Privilege escalation in Grafana Operator (all versions ≤ 5.23) allows any user with Kubernetes RBAC permissions to create GrafanaDashboard or GrafanaLibraryPanel resources to steal the Kubernetes service account token of the operator manager pod. The jsonnet templating language, supported via spec.jsonnetLib, is evaluated unsandboxed inside the operator manager pod, enabling a path traversal payload to read sensitive files - including the mounted service account token - and exfiltrate it through the resulting dashboard output. No public exploit is identified at time of analysis, but successful exploitation yields cluster-level privilege escalation, reflected in the vendor-assigned CVSS 4.0 subsequent-system impact of SC:H/SI:H.
Arbitrary file read in the LWS Optimize WordPress plugin (versions up to and including 3.3.19) permits authenticated users with Editor-level access or above to retrieve any file readable by the web-server process, including sensitive files such as wp-config.php. The vulnerable `combine_current_css()` function blindly trusts stylesheet href values harvested from page HTML, resolves them to absolute filesystem paths, and passes them to `file_get_contents()` without enforcing a safe-directory boundary or a `.css` extension check - a classic CWE-22 path traversal pattern. No public exploit has been identified and the vulnerability is not listed in CISA KEV, but the attack path is straightforward given the source code is publicly accessible in the WordPress plugin repository.
Directory traversal in Allegra's exportReport method exposes arbitrary server-side files to authenticated remote attackers, operating in the context of the underlying service account. The flaw affects all tracked versions per the CPE wildcard (cpe:2.3:a:allegra:allegra:*), with Alltena's 9.0.0 release notes referencing the fix. No public exploit code or CISA KEV listing has been identified at time of analysis, and no EPSS data was provided, but the CVSS 6.5 rating reflects a meaningful confidentiality risk for any internet-facing Allegra deployment where user accounts may be broadly provisioned.
Arbitrary local file read in OpenClaw before 2026.4.7 lets authenticated Gateway operators holding the operator.write scope coerce the memory-wiki ingest feature into importing the contents of arbitrary local files. The flaw, reported by VulnCheck and tracked as GHSA-p2fh-f5fc-44hr, enables disclosure of sensitive host files (credentials, config, secrets) into wiki memory, but no public exploit identified at time of analysis and it is not listed in CISA KEV.
Zip-slip path traversal in filebrowser v2.63.5 and earlier (Linux-hosted) allows any authenticated user with Create permission to plant a file whose name contains URL-encoded Windows-style backslash traversal sequences (`%5C`). The Linux server stores the file with a literal backslash in its name, which `filepath.ToSlash()` silently ignores, and the archive download handler emits that name verbatim into zip/tar central directories. When a Windows victim downloads and extracts the archive using Explorer, 7-Zip, WinRAR, or .NET `ZipFile.ExtractToDirectory`, the extractor interprets `\` as a path separator and writes files to arbitrary locations outside the extraction directory - enabling arbitrary file write on the victim's Windows machine. No public exploit identified at time of analysis beyond the full PoC published in the GHSA advisory; EPSS is 0.03% (8th percentile), consistent with the two-party, victim-interaction requirement.
Symlink-following scope escape in File Browser (filebrowser/filebrowser v2 ≤ 2.63.13) lets a restricted, scoped user-and in the public-share case an unauthenticated recipient-read, overwrite, and share files outside their assigned directory whenever a symlink lexically inside their scope resolves to a target elsewhere on the server. The per-user BasePathFs root blocks lexical ../ traversal but the HTTP handlers dereference symlinks before serving, writing, or sharing, so any file the server process can reach is exposed. Publicly available proof-of-concept exploit code exists in the GHSA advisory; the issue is not in CISA KEV and EPSS is low (0.07%, 23rd percentile).
Unauthenticated path traversal in Nezha Monitoring (nezhahq/nezha) before 2.0.13 allows remote attackers to read arbitrary files from the dashboard host by abusing the NoRoute fallbackToFrontend handler. The handler matches the /dashboard prefix with strings.HasPrefix rather than a path-segment comparison, so a request like /dashboard../data/config.yaml is normalized by path.Join into the application's data directory and served by http.ServeFile. No public exploit identified at time of analysis, but the bypass is trivially reproducible from the disclosed root-cause writeup.
Path traversal in MISP's OrganisationsController::getOrgLogo allows a low-privileged authenticated user to read arbitrary .png or .svg files from outside the intended organisation logo directory by injecting traversal sequences into organisation-controlled fields such as the organisation name, id, or uuid. All MISP versions prior to the patch commit b865deb are affected across any deployment where untrusted accounts hold write access to organisation fields. No public exploit code or CISA KEV listing exists at time of analysis; however, the attack requires only low-privilege access and no user interaction, making it practically exploitable in typical multi-tenant MISP deployments.
Path traversal in Discourse's backup download handler allows an authenticated administrator on one site within a multisite deployment to retrieve backup archives belonging to a co-hosted site on the same server. Backup files typically contain full database dumps, private messages, user credentials, and email addresses, making cross-site access a serious trust-boundary violation. No public exploit has been identified and EPSS sits at 0.04% (12th percentile), reflecting the narrow exploitation conditions; vendor-released patches are available across all affected release trains.
Path traversal across multiple endpoints in Actual, the open-source self-hosted personal finance application, allows authenticated low-privilege users to write files outside intended server directories in all versions prior to 26.5.0. The CVSS 4.0 vector confirms network-accessible exploitation with low-privilege authentication required and impact limited to write operations on the vulnerable system only - no confidentiality or availability impact is indicated. No active exploitation has been confirmed (not in CISA KEV), and the EPSS score of 0.03% (8th percentile) reflects minimal observed exploitation interest at time of analysis.
Arbitrary file write in GeoServer's Master Password Dump web page allows an authenticated administrator to write attacker-controlled content to any absolute filesystem path the GeoServer process can write to, including JSP files in a Tomcat webapps directory. Because GeoServer enforces no maximum master password length, an admin can embed malicious JSP code into the master password and dump it to an executable location, escalating to remote code execution on the host. No public exploit identified at time of analysis and the issue is not in CISA KEV.
Arbitrary file write in Mattermost via path traversal affects versions 11.6.x ≤ 11.6.1, 11.5.x ≤ 11.5.4, and 10.11.x ≤ 10.11.15/10.11.16 when shared channels with federated peers are in use. An attacker who controls a federated Mattermost server can supply crafted FileInfo.Name values during file sync to write files to arbitrary locations in the target server's filestore. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Path traversal in Kedro 1.2.0 allows authenticated local users to read or overwrite files outside of versioned dataset directories by supplying a crafted version string. The flaw resides in `_get_versioned_path()` (kedro/io/core.py) and is also reachable via the `--load-versions` CLI parameter, with downstream risk of data poisoning and cross-tenant data exposure in orchestrated pipelines. No public exploit identified at time of analysis, and the issue is not on CISA KEV.
Unauthenticated arbitrary file upload in Amasty Order Attributes for Magento 2 before 4.0.0 lets remote attackers drop arbitrary files into the store's media directory without authentication, session validation, or cart context. Where the media directory permits PHP execution, this escalates to unauthenticated remote code execution; otherwise it enables stored XSS via HTML/SVG, malware hosting, and path-traversal writes outside the intended directory. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 9.3 and trivial preconditions make this a high-priority issue for any Magento 2 store running the extension.
Path traversal in IEI Integration Corp's iVEC TANK-XM811 Virtualization Edge Computer enables authenticated remote attackers to create directories at arbitrary system paths outside the application's intended scope. The flaw (CWE-22) resides in the network-accessible management interface, where user-supplied path input is not sufficiently sanitized before use in filesystem operations. No public exploit code or active exploitation has been identified at time of analysis, and the impact is constrained to unauthorized directory creation rather than file read, write, or code execution.
Arbitrary file deletion in IEI Integration Corp's iVEC-IEI Virtualization Edge Computer (Tank-XM811 platform) allows authenticated remote attackers to delete arbitrary system files or directories via path traversal, leading to data destruction and service disruption. The flaw was reported through Taiwan's TWCERT coordination process and carries a CVSS 4.0 base score of 7.2 (High) driven by integrity and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary file read via path traversal in IEI Integration Corp's iVEC TANK-XM811 edge computing platform exposes sensitive system files to privileged remote attackers. The CVSS 4.0 vector (AV:N/PR:H/VC:H) confirms network-accessible exploitation requiring high-privilege credentials, with full confidentiality impact on the vulnerable system and no integrity or availability impact. No public exploit code or CISA KEV listing is identified at time of analysis; the vulnerability was reported by Taiwan CERT (TWCERT) and affects all known firmware versions per CPE wildcard.
Information disclosure in Ubiquiti UniFi OS devices allows unauthenticated network-adjacent attackers to read sensitive data via a path traversal flaw (CWE-22). The high CVSS 8.6 score reflects a scope change with high confidentiality impact, indicating that disclosed data can affect resources beyond the vulnerable component itself. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Authenticated arbitrary code execution in CyberArk Privileged Session Manager (PSM) versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5 allows low-privileged users to escape intended boundaries through incomplete input validation combined with misconfigured folder permissions. Because PSM brokers privileged sessions to critical infrastructure, code execution here directly threatens vaulted credentials and downstream targets, making this a high-impact issue despite requiring authentication. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 8.7 reflects the severity of compromising a PAM component.
Path traversal in WsgiDAV 4.3.3 allows WebDAV clients to read, write, or delete files outside the configured filesystem share root when a sibling directory's name shares a prefix with the share root. The flaw lives in FilesystemProvider._loc_to_file_path(), which performs a string-prefix containment check instead of a path-boundary-aware one, and is reachable via URL-encoded dot segments such as /%2e%2e/. No public exploit is identified at time of analysis, but a proof-of-concept is described in the vendor advisory and a vendor-released patch exists (4.3.4).
Path traversal in OpenClaw before version 2026.4.25 allows attackers with workspace access to manipulate local package root resolution and load memory-core artifacts from attacker-controlled locations, leading to arbitrary code execution or sensitive data disclosure. The flaw stems from workspace state influencing artifact resolution paths (CWE-427, Uncontrolled Search Path Element). No public exploit identified at time of analysis, though VulnCheck has published a dedicated advisory describing the fake package root resolution technique.
Path traversal in Apple macOS prior to Sequoia 15.4 allows a locally-installed application to bypass directory path restrictions and read sensitive user data outside its permitted file system scope. The flaw (CWE-22) stems from insufficient validation of directory path components in macOS path parsing logic, enabling a rogue or compromised app running with standard user privileges to traverse into restricted locations. No public exploit code has been identified and the CVE is not listed in the CISA Known Exploited Vulnerabilities catalog; SSVC assessment confirms no known active exploitation at the time of this analysis.
Static file confinement bypass in @hapi/inert (npm, versions 4.0.0-7.1.0) allows remote unauthenticated attackers to read arbitrary files from sibling directories when those directories share a string prefix with the configured serve path. The flaw is a classic CWE-22 path traversal rooted in a faulty string-prefix comparison that fails to enforce a directory separator boundary, meaning a path like /app/static-secret incorrectly passes the confinement check for a serve root of /app/static. No public exploit code has been identified and this CVE is not in CISA KEV, but the attack itself - a single URL-encoded traversal request - is trivially simple once the precondition of a matching-prefix sibling directory is confirmed.
Path traversal in Perry (PerryTS) CLI versions before 0.5.1159 allows a malicious or compromised build server to write arbitrary files anywhere the Perry process can write, or exfiltrate arbitrary local files, by sending crafted artifact_name or download_path values in ArtifactReady WebSocket messages. No public exploit identified at time of analysis, but the upstream commit and tests confirm the issue and a patched release is available.
Path traversal in Keras archive extraction utilities prior to version 3.14.0 allows remote attackers to write files outside the intended extraction directory when a victim loads a malicious model archive. The flaw stems from validating archive member paths against the process current working directory rather than the actual extraction destination, which collapses to the filesystem root in common Docker, CI/CD, and Jupyter setups. No public exploit identified at time of analysis, but the upstream fix and a Huntr bounty disclosure make targeted exploitation against ML pipelines plausible.
Arbitrary file disclosure in Golem OEE MES (Neuron Soft) before 11.6.0 lets an unauthenticated attacker on the same local network read any file readable by the server process by manipulating HTTP request paths. Reported by CERT-PL with no public exploit identified at time of analysis, the issue is fixed in 11.6.0 and carries a CVSS 4.0 base score of 8.3 driven by adjacent-network access and high confidentiality impact extending beyond the application.
Path traversal in Spring Integration's FTP/SFTP/SMB inbound adapters allows a malicious or compromised remote file server to write attacker-controlled files outside the configured local directory on any client polling it, affecting versions 5.5.0-5.5.20, 6.3.0-6.3.14, 6.4.0-6.4.11, 6.5.0-6.5.8, and 7.0.0-7.0.4. The flaw inverts the usual trust model - the file-transfer client trusts the server's filename, enabling overwrite of arbitrary host files such as configuration, cron, or application JARs, which can escalate to code execution. No public exploit identified at time of analysis, but the issue is straightforward to weaponize once a hostile server endpoint is reachable.
Arbitrary code execution in Dulwich (pure-Python Git implementation) versions 0.23.2 through 1.2.4 allows a malicious upstream repository to drop executable files into a victim's .git/hooks/ directory during a recursive clone or submodule update. When the victim subsequently runs any git or dulwich command that invokes the planted hook, the attacker's code executes with the victim's privileges. No public exploit identified at time of analysis, though the technique mirrors the well-documented upstream Git flaws CVE-2024-32002 and CVE-2024-32004.
Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.
Arbitrary file write via path traversal in PDM (Python Development Master) package manager allows malicious wheels to write files outside the intended installation directory during package installation. The flaw exists in InstallDestination.write_to_fs() which overrode the safe base class path validation with an unvalidated os.path.join() call, affecting PDM versions up to and including 2.22.4. No public exploit identified at time of analysis, though the issue mirrors the previously disclosed Poetry CVE-2026-34591 of the same class.
Path traversal via crafted .7z archive in bit7z before v4.0.12 on POSIX platforms allows an attacker-controlled symlink to escape the extraction directory by exactly one level - up to the parent directory. Any archive entries extracted after the malicious symlink is placed will write attacker-controlled files to the parent of the intended output path, carrying the permissions of the extracting process. No public exploit has been identified at time of analysis and this CVE is not listed in CISA KEV; the vendor-confirmed fix ships in version 4.0.12.
Path traversal in Fission Kubernetes serverless framework prior to version 1.25.0 allows authenticated tenants to write files outside the intended extraction directory by submitting a crafted package archive. The fetcher sidecar (fission-fetcher) processes attacker-controlled Package.Spec.Source.URL or Deployment.URL archives via Unarchive in pkg/utils/zip.go, where filepath.Join was used without verifying the resolved path stayed under the destination, enabling cross-tenant file overwrite, tampering with mounted secret/config volumes, or overwriting the fetcher binary itself. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Arbitrary directory deletion in julien040/anyquery 0.4.4 and earlier allows an authenticated low-privileged bearer-token holder to delete any directory accessible to the server process by submitting a SQL query that invokes clear_plugin_cache with a path-traversal payload. The flaw stems from path.Join silently resolving '..' segments before os.RemoveAll, and publicly available exploit code exists in the GitHub Security Advisory GHSA-j9rx-rppg-6hh4. Verified impact includes irreversible deletion of files outside the intended $XDG_CACHE_HOME/anyquery/plugins/ cache root, producing data loss and denial of service.
Path traversal in Roxy-WI versions 8.2.6.4 and prior allows authenticated remote attackers to read arbitrary configuration files via the config_file_name and configver parameters. The vendor's attempted fix in commit d4d10006 is ineffective due to a logic error - it uses Python tuple-membership instead of substring containment - leaving all realistic '../' payloads unblocked, with no public exploit identified at time of analysis.
Arbitrary file write in kubev2v assisted-migration-agent allows an unauthenticated attacker on the same LAN to achieve code execution on the appliance by uploading a crafted gzipped tarball that bypasses path traversal checks via chained symlinks. The flaw resides in the VDDK tarball extraction routine (extractTarGz in internal/services/vddk.go) and has a high CVSS of 9.6 due to scope change and full CIA impact, though no public exploit has been identified at time of analysis.
Path traversal in Ghidra's IsfServer component (all versions before 12.2) allows remote unauthenticated attackers to enumerate filesystem paths and probe arbitrary files by connecting to TCP port 54321 and sending crafted protobuf messages. The root cause is unsanitized client-supplied namespace strings passed directly to filesystem operations, a CWE-22 defect. Given Ghidra's deployment context - security research, malware analysis, and reverse engineering of sensitive artifacts, often in high-value government and defense environments - successful exploitation could expose directory structures and sensitive file metadata on the analyst's workstation. No public exploit code has been identified and this vulnerability is not in CISA KEV at time of analysis.
Arbitrary file write in NSA's Ghidra reverse-engineering framework before version 12.0.4 allows attackers to escape the theme directory via Zip Slip path traversal sequences in malicious theme ZIP archives, leading to code execution or credential compromise. The flaw requires user interaction (importing the booby-trapped theme) and is exploited locally against the user running Ghidra. No public exploit identified at time of analysis, though the technique (Zip Slip) is well-documented and trivially reproducible.
Arbitrary file write in NSA Ghidra versions prior to 12.0.2 allows local attackers to achieve code execution by tricking a user into installing a malicious extension archive. The extension installer fails to sanitize ZIP entry names, enabling classic Zip Slip path traversal that writes files outside the intended extension directory. No public exploit identified at time of analysis, though the technique is well-documented and trivially reproducible.
Path traversal in Ghidra's SameDirDebugInfoProvider (versions before 12.1) enables filesystem probing and CRC32 hash leakage of arbitrary files when a user opens a crafted ELF binary during automatic DWARF analysis. The vulnerability stems from missing validation of filenames embedded in ELF .gnu_debuglink sections before those filenames are used to construct filesystem paths. No public exploit code is currently identified and it is not listed in CISA KEV, but the risk is notable for security researchers and reverse engineers who routinely analyze untrusted binaries.