Skip to main content

Path Traversal

web HIGH

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation.

How It Works

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation. Attackers inject special sequences like ../ (dot-dot-slash) to escape the intended directory and navigate to arbitrary locations in the file system. Each ../ sequence moves up one directory level, allowing an attacker to break out of a restricted folder and access sensitive files elsewhere on the server.

Attackers employ various encoding techniques to bypass basic filters. Simple URL encoding transforms ../ into %2e%2e%2f, while double encoding becomes %252e%252e%252f (encoding the percent sign itself). Other evasion methods include nested sequences like ....// (which become ../ after filter removal), null byte injection (%00 to truncate path validation), and OS-specific path separators (backslashes on Windows). Absolute paths like /etc/passwd may also work if the application doesn't enforce relative path constraints.

The typical attack flow begins with identifying input parameters that reference files—such as file=, path=, template=, or page=. The attacker then tests various traversal payloads to determine if path validation exists and what depth is needed to reach system files. Success means reading configuration files, credentials, source code, or even writing malicious files if the application allows file uploads or modifications.

Impact

  • Credential exposure: Access to configuration files containing database passwords, API keys, and authentication tokens
  • Source code disclosure: Reading application code reveals business logic, additional vulnerabilities, and hardcoded secrets
  • System file access: Retrieving /etc/passwd, /etc/shadow, or Windows SAM files for credential cracking
  • Configuration tampering: If write access exists, attackers modify settings or inject malicious code
  • Remote code execution: Writing web shells or executable files to web-accessible directories enables full system compromise

Real-World Examples

ZendTo file sharing application (CVE-2025-34508) contained a path traversal vulnerability allowing unauthenticated attackers to read arbitrary files from the server. The flaw existed in file retrieval functionality where user input directly influenced file path construction without adequate validation, exposing sensitive configuration data and potentially system files.

Web application frameworks frequently suffer from path traversal in template rendering engines. When applications allow users to specify template names or include files, insufficient validation permits attackers to read source code from other application modules or framework configuration files, revealing database credentials and session secrets.

File download features in content management systems represent another common vector. Applications that serve user-requested files from disk often fail to restrict paths properly, enabling attackers to download backup files, logs containing sensitive data, or administrative scripts that weren't intended for public access.

Mitigation

  • Avoid user input in file paths: Use indirect references like database IDs mapped to filenames on the server side
  • Canonicalize and validate: Convert paths to absolute canonical form, then verify they remain within the allowed base directory
  • Allowlist permitted files: Maintain an explicit list of accessible files rather than trying to blocklist malicious patterns
  • Chroot jails or sandboxing: Restrict application file system access to specific directories at the OS level
  • Strip dangerous sequences: Remove ../, ..\\, and encoded variants, though this alone is insufficient

Recent CVEs (7719)

EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

Arbitrary file write and deletion in pnpm package manager (versions prior to 10.34.0 and 11.4.0) lets a malicious contributor abuse the @pnpm/patch-package pipeline, which applies `.patch` files without validating the file paths in their `diff --git` headers. Because patch diff headers are opaque to most code reviewers, an attacker can slip `../../` traversal sequences into a pull request and, when a maintainer runs `pnpm install`, write attacker-controlled content to or delete arbitrary files with the privileges of the installing user. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; the moderate-to-high CVSS of 7.3 reflects high integrity and availability impact gated by required user interaction.

Path Traversal Pnpm
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

Path traversal in pnpm's `pnpm stage download` command (versions 11.3.0 through 11.5.2) lets a malicious or compromised registry overwrite arbitrary files reachable by the user running the command. The tool built a local tarball filename directly from registry-controlled package name and version fields, so a crafted manifest (e.g. a version like `1.0.0/../../evil`) escaped the intended download directory. This is fixed in 11.5.3; no public exploit identified at time of analysis, though the fixing PR (#12303) includes proof-of-traversal test cases.

Path Traversal Pnpm
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Path traversal in pnpm's global package management flows allows deletion of the global bin directory or its parent when a malicious package with specially crafted bin keys is installed. Packages carrying ".", "..", or "" as bin object keys in their manifest bypass pnpm's bin-name guard; subsequent global remove, update, or add-replacement operations re-derive those names and pass them through path.join(globalBinDir, binName) into removeBin, resolving to the bin directory itself or its parent. No public exploit has been identified at time of analysis, but fixed versions 10.34.2 and 11.5.3 are available and should be applied immediately given the supply-chain delivery mechanism.

Path Traversal Pnpm
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Arbitrary file write in Aqua Security's Trivy scanner (prior to 0.71.1) allows an attacker who can make Trivy fetch an attacker-controlled OCI artifact to write layer content anywhere on the host filesystem. Trivy trusts the org.opencontainers.image.title manifest annotation as the output filename without sanitization, so a crafted value containing path-traversal sequences escapes the intended download directory (CWE-22). No public exploit has been identified at time of analysis; the CVSS 4.0 score is 7.0 (high), driven by high integrity and availability impact requiring user interaction.

Path Traversal Trivy Suse
NVD GitHub VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Red Hat Build of Keycloak allows realm administrators holding the 'manage-realm' role to probe arbitrary filesystem paths by submitting unsanitized path values as keystore parameters during key provider component creation. The Keycloak process's file access attempt reveals whether a given path exists and is readable, functioning as a filesystem oracle for authenticated attackers. No public exploit code or active exploitation has been identified at time of analysis; the CVSS score of 4.9 (PR:H) reflects the significant constraint of requiring realm administrator credentials prior to exploitation.

Path Traversal Information Disclosure Red Hat Build Of Keycloak
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Path traversal in Halo's backup download endpoint allows authenticated administrators to read arbitrary files from the server filesystem, bypassing directory boundaries. Affected are all Halo deployments prior to version 2.24.3, where the MigrationServiceImpl.download() method invokes Path.resolve() on attacker-supplied filenames without enforcing containment within the designated backups directory. A compounding issue exists in the backup creation endpoint, which fails to sanitize status fields. No public exploit code or CISA KEV listing has been identified at time of analysis, and the PR:H requirement meaningfully constrains the attack surface.

Path Traversal Halo
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Arbitrary file relocation in HTMLy CMS through version 3.1.1 allows low-privileged authenticated users to move any web-server-writable file by injecting directory traversal sequences into the oldfile parameter of the admin autosave endpoint. Reported by VulnCheck with publicly available exploit code, the flaw stems from passing unsanitized input directly to file_exists() and rename() in admin.php. It is not listed in CISA KEV, so there is no public exploit identified as actively exploited at time of analysis despite the available POC.

Path Traversal PHP Htmly
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Path traversal in the K2 extension for Joomla (versions 1.0-2.26) allows authenticated Authors to copy arbitrary web-readable files - including Joomla's database credential file `configuration.php` and OS files such as `/etc/passwd` - into a publicly accessible directory for retrieval. The article-save handler's `attachment[N][existing]` POST parameter is concatenated with `JPATH_SITE/` and passed directly to `JFile::copy()` without stripping `../` sequences or enforcing a source-path allow-list, making traversal trivial. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, but the confidentiality impact is severe on multi-author Joomla sites where Author accounts may be widely distributed.

Path Traversal PHP K2 Extension For Joomla
NVD
EPSS 0% CVSS 8.7
HIGH POC This Week

Arbitrary file read in Winstone Servlet Engine (versions through 0.9.10) lets unauthenticated remote attackers retrieve any file readable by the servlet process by embedding dot-dot-slash sequences in HTTP GET request paths to the static-file handler. The flaw stems from missing path sanitization when resolving requests against the configured webroot, and publicly available exploit code exists (reported by VulnCheck), though it is not listed in CISA KEV. Impact is confidentiality-only but high, escalating to disclosure of OS-level secrets when the engine runs with elevated privileges.

Path Traversal Winstone Servlet Container
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

Remote code execution in Dell Wyse Management Suite (versions prior to WMS 5.5 HF1) is reachable through a path traversal flaw (CWE-22) that lets an authenticated, high-privileged remote attacker access or write files outside the intended directory and ultimately execute arbitrary code on the management server. The CVSS 3.1 base score is 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), reflecting full confidentiality, integrity, and availability impact gated by a high-privilege requirement. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.

Dell Path Traversal RCE +1
NVD VulDB
EPSS 0% CVSS 7.7
HIGH This Week

Arbitrary file deletion in the JS Help Desk (JS Support Ticket) WordPress plugin versions 3.1.1 and earlier lets a low-privileged authenticated user (Subscriber, PR:L) delete arbitrary files on the server via path traversal. Because the scope is changed (S:C) and impact is availability-only (A:H), an attacker can remove critical files such as wp-config.php to trigger denial of service or force WordPress into a reinstall/setup state. No public exploit is identified at time of analysis and the issue is not listed in CISA KEV; it was disclosed through Patchstack.

Path Traversal Js Help Desk
NVD VulDB
EPSS 0% CVSS 9.4
CRITICAL Act Now

Privilege bypass in Apache Kvrocks exposes the internal APPLYBATCH command without proper permission enforcement, letting an authenticated low-privilege client write raw batches directly to the underlying RocksDB storage engine and bypass the server's command ACL model. The flaw (CWE-280, improper handling of permissions) carries a CVSS 4.0 base of 9.4 due to high integrity and availability impact and an irrecoverable-damage recovery rating. No public exploit identified at time of analysis, and it is not listed in CISA KEV; it was disclosed pre-NVD via the oss-security mailing list on 2026-06-25 alongside two sibling Kvrocks CVEs.

Path Traversal Apache
NVD VulDB
EPSS 0% CVSS 2.4
LOW Monitor

Replication Fullsync in Apache Kvrocks fails to validate filenames transmitted from a master node to a replica during full synchronization, enabling path traversal to arbitrary filesystem locations. Deployments using Kvrocks master-replica replication are affected; standalone instances with no replication configured are not exposed. An attacker who controls or can impersonate a master node can cause a replica to read or write files outside its intended data directory - no public exploit has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis.

Path Traversal Apache
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL Act Now

Memory corruption in Apache Kvrocks' embedded Lua scripting engine allows a client able to run EVAL/EVALSHA commands to trigger a stack buffer overflow in the bit.tohex() function, potentially crashing the server or corrupting process memory toward code execution. Kvrocks is a Redis-protocol-compatible distributed key-value store, and this flaw was disclosed via the oss-security mailing list on 2026-06-25 alongside three other Kvrocks issues. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Path Traversal Buffer Overflow Apache +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Lua sandbox escape in Apache Kvrocks exposes the host environment to authenticated users who hold EVAL command privileges. The database fails to strip the `loadstring` function from its Lua scripting environment, which is a standard hardening step in Redis-protocol-compatible systems; retaining it allows a sandboxed Lua script to load and execute arbitrary Lua bytecode dynamically, effectively escaping the intended script isolation. No public exploit code or CISA KEV listing exists at time of analysis; however, sandbox escapes of this class are well-understood and exploitable by any user granted EVAL access.

Path Traversal Buffer Overflow Apache
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Path traversal in Rapid7 InsightConnect's Compression Plugin on Linux allows authenticated attackers with high privileges to write files to arbitrary paths on the underlying host via crafted archive filenames passed to the create_archive function. Impact is constrained to file corruption - the attacker can control write destination but not write content, preventing code execution via this vector alone. No public exploit code exists and no KEV listing is present; the low CVSS score of 3.3 reflects the high authentication bar and limited impact scope.

Path Traversal Insightconnect Compression Plugin
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Arbitrary file read in Rapid7's InsightConnect Sed Plugin on Linux exposes sensitive host filesystem contents to authenticated attackers through an unsanitized expression parameter. All versions are affected per the CPE wildcard, and exploitation requires only a low-privilege authenticated InsightConnect session over the network with no user interaction. No public exploit code or CISA KEV listing has been identified at time of analysis, though the CWE-22 path traversal class is well-understood and mechanically straightforward to exploit once authentication is obtained.

Path Traversal Insightconnect Sed Plugin
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Arbitrary file write in the Rapid7 InsightConnect Sed Plugin on Linux lets an authenticated attacker supply a crafted expression parameter to write attacker-controlled content to any filesystem path the plugin process can reach. The flaw (CWE-22 path traversal) carries a CVSS 7.1 with high integrity impact and there is no public exploit identified at time of analysis, but it is dangerous because arbitrary writes can be leveraged toward code execution or configuration tampering within the SOAR plugin runtime.

Path Traversal Insightconnect Sed Plugin
NVD VulDB
EPSS 1% CVSS 7.2
HIGH This Week

Authenticated remote code execution in ATEN Unizon arises from a directory traversal flaw in the ImportDeviceList method, where a user-supplied file path is used in file operations without proper validation. A high-privileged remote attacker can traverse outside intended directories to write or manipulate files and ultimately execute arbitrary code in the SYSTEM context, fully compromising the host. Discovered and reported via the Zero Day Initiative (ZDI-26-382 / ZDI-CAN-28579); no public exploit identified at time of analysis and it is not listed in CISA KEV.

Path Traversal RCE Unizon
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Authenticated remote code execution in ATEN Unizon arises from a directory traversal flaw in the restoreDB method, where a user-supplied path is used in file operations without validation, letting a high-privileged attacker write or restore files outside the intended directory and run code as SYSTEM. The flaw was reported through Trend Micro's Zero Day Initiative (ZDI-CAN-28578 / ZDI-26-381) and carries a CVSS 3.0 base score of 7.2 (PR:H). There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Path Traversal RCE Unizon
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Unauthenticated information disclosure in ATEN Unizon allows remote attackers to read arbitrary files from affected installations by abusing a path-traversal weakness in the writeFileToHttpServletResponse method. Because the underlying service runs with SYSTEM privileges, an attacker can exfiltrate sensitive files including configuration, credentials, and OS-level data. Cataloged via ZDI (ZDI-26-380 / ZDI-CAN-28505) with no public exploit identified at time of analysis; not listed in CISA KEV and no EPSS score was provided.

Path Traversal Information Disclosure Unizon
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Arbitrary file deletion via directory traversal in ATEN Unizon's uploadSSL method allows authenticated remote attackers with high-privilege credentials to delete files anywhere on the underlying filesystem. All versions are indicated as affected by the wildcard CPE. Exploitation can be used to destroy configuration or system files, inducing a denial-of-service condition; no confirmed active exploitation or public exploit code has been identified at time of analysis.

Path Traversal Unizon
NVD VulDB
EPSS 1% CVSS 6.5
MEDIUM This Month

Arbitrary file deletion in ATEN Unizon exposes all installations to destructive denial-of-service attacks via a path traversal flaw in the updateLicense method, reachable over the network by any authenticated high-privilege user. The CVSS PR:H constraint confirms exploitation requires high-privilege credentials, limiting opportunistic mass exploitation, but a motivated insider or attacker with stolen admin credentials can delete critical system files and render the host inoperable. No public exploit or CISA KEV listing has been identified at time of analysis, but the straightforward AC:L nature of the flaw means exploitation is trivial once credentials are obtained.

Path Traversal Unizon
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Symlink-based workspace boundary bypass in chrome-devtools-mcp (versions 0.24.0 through before 1.1.0) allows a local low-privileged actor - including an AI coding agent itself - to read or overwrite files outside the configured workspace root. The McpContext.validatePath() function performs only a lexical prefix check on the resolved path and never canonicalizes symbolic links, so an in-root symlink whose target lies outside the root passes validation and causes downstream file operations to act on the real out-of-workspace target. No public exploit has been identified and the CVE is not listed in CISA KEV; a vendor-released patch is available in version 1.1.0.

Path Traversal Google Chrome Devtools Mcp
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Arbitrary file disclosure in SiYuan personal knowledge management system before 3.7.0 lets an unauthenticated remote attacker read any file inside the workspace directory through its publish-mode HTTP endpoint (default port 6808). The flaw is an incomplete fix for CVE-2026-41894: the earlier patch sanitized the /export/ route but left the identical double-URL-encoding path traversal in the /assets/*path route, exposing conf/conf.json (AccessAuthCode SHA256 hash, API token, sync keys), the temp SQLite databases, and siyuan.log. Publicly available exploit code exists; no public active exploitation has been confirmed.

Path Traversal Siyuan
NVD GitHub
EPSS 0% CVSS 1.7
LOW PATCH Monitor

Path traversal in Jellyfin prior to 10.11.10 enables an attacker who can place a crafted MKV file in a victim's Jellyfin library to redirect the server's MKV attachment extraction routine to arbitrary absolute filesystem paths on the host. The flaw originates in .NET's Path.Combine behavior: Jellyfin passes the unsanitized MKV filename tag directly into Path.Combine(attachmentFolder, fileName), and .NET silently ignores the base path when the second argument is rooted, enabling full path override. Exploitation is triggered automatically whenever any Jellyfin client plays the affected file with subtitle burning enabled, which is the default behavior. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 1.7 reflects high complexity and low integrity-only impact.

Path Traversal Jellyfin
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary file write in Jellyfin media server (10.9.0 through 10.11.9) lets any authenticated non-admin user abuse the POST /ClientLog/Document endpoint to plant attacker-controlled content outside the intended log directory. The endpoint trusts the Client and Version fields of the Authorization header and uses them unsanitized to build the on-disk filename, so embedding ../ sequences in the Client field redirects writes to any path reachable by the Jellyfin service account, with a forced .log extension. No public exploit has been identified at time of analysis, and the issue is fixed in 10.11.10.

Path Traversal Jellyfin
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Path traversal in AnythingLLM's document folder listing endpoint on Windows allows authenticated low-privilege users to enumerate directories outside the intended documents directory. The root cause is a platform-specific gap in the shared path containment helper: it correctly rejects POSIX-style '../' sequences but fails to reject Windows-style parent path segments produced by Node.js path.relative(), such as bare '..'. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified, consistent with the Medium CVSS score of 4.3 and the authentication requirement.

Path Traversal Microsoft Anything Llm
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Path traversal in the Jenkins External Workspace Manager Plugin (versions 1.3.2 and earlier) lets an attacker with Item/Configure permission supply traversal sequences in the custom workspace path of the exwsAllocate Pipeline step to read arbitrary files from the Jenkins controller filesystem, which the vendor notes can escalate to remote code execution. The flaw requires an authenticated low-privileged user (CVSS:3.1 PR:L, base 8.8) and is reported directly by the Jenkins security team. No public exploit identified at time of analysis, and CISA SSVC marks exploitation as none.

Path Traversal Jenkins RCE +1
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

Arbitrary file read in motionEye versions before 0.44.0 lets remote attackers retrieve any file readable by the motionEye process by supplying an absolute path to the media playback, download, and preview handlers. The flaw stems from os.path.join() discarding the configured media directory when given an absolute path, compounded by MoviePlaybackHandler deliberately overriding Tornado's StaticFileHandler path-safety checks. A proof-of-concept exists and the CVSS 4.0 exploit-maturity is rated Proof-of-Concept, but there is no public evidence of active exploitation.

Canonical Python Path Traversal
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Path traversal in the mise HTTP backend allows a repository-controlled `.tool-versions` file to direct `mise install` to create symlinks at arbitrary filesystem locations outside the designated mise installs root on Unix-like systems. Affecting mise up to version 2026.5.16, a developer or CI system that runs `mise install` against a malicious project can have executable symlinks silently placed under attacker-chosen `PATH` directories, enabling replacement of trusted commands with attacker-controlled HTTP content. No public exploit identified at time of analysis beyond the detailed proof-of-concept published in GitHub Security Advisory GHSA-f94h-j2qg-fxw3, and no CISA KEV listing confirms active in-the-wild exploitation.

Microsoft Path Traversal
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Arbitrary file write and command execution in Glances (Python system monitoring tool) versions 4.0.8 through 4.5.4 allows attackers with the ability to modify glances.conf to abuse shell-like operators (`>`, `|`, `&&`) interpreted by the `secure_popen()` function inside AMP module command configuration. The flaw bypasses the `--disable-config-exec` mitigation introduced for CVE-2026-33641, since that flag only blocks backtick execution in `config.get_value()` and not operator parsing in `secure_popen()`. Publicly available exploit code exists in the GitHub Security Advisory (GHSA-3vwc-qwhc-3mj7), but no public exploit identified in active campaigns at time of analysis.

Python Path Traversal Suse
NVD GitHub VulDB
EPSS 1% CVSS 10.0
CRITICAL POC PATCH Act Now

Remote code execution in Gogs self-hosted Git service before 0.14.3 allows unauthenticated attackers (where self-registration is enabled) to abuse unsanitized organization names containing '../' sequences to write Git repository files outside the intended storage root, then overwrite a repository's hooks/update script and trigger arbitrary command execution as the git user. The flaw carries a CVSS 10.0 (AV:N/AC:L/PR:N/UI:N/S:C) rating, and a fully working public proof-of-concept is published alongside the GHSA advisory, though no CISA KEV listing or EPSS data is provided in the input.

Docker RCE PostgreSQL +1
NVD GitHub
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Authenticated arbitrary file write in Gogs (self-hosted Git service) versions below 0.14.3 on Linux/macOS lets a user with repository write access escape the working tree and overwrite any file the gogs UID can touch, escalating to remote code execution. The flaw stems from `UploadRepoFiles` validating symlinks only on the leaf path while sibling functions correctly walk every component; combined with a crafted multipart filename containing a literal backslash, the write is redirected through a previously committed directory symlink to targets like `~git/.ssh/authorized_keys` or `<repo>.git/hooks/post-receive`. No CISA KEV listing and no EPSS provided, but a detailed, tested proof-of-concept is published in the vendor advisory, so publicly available exploit code exists.

Apple Linux CSRF +5
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Open redirect in Gogs versions up to and including 0.14.2 allows unauthenticated remote attackers to craft login URLs that redirect authenticated users to arbitrary external sites after successful login. The root cause is a two-character-only URL validation in the `IsSameSite()` function: the path `/a/../\example.com` passes server-side inspection but resolves to `//example.com` after browsers normalize backslashes to forward slashes. A publicly available proof-of-concept with screenshots exists; this vulnerability is not in CISA KEV and active exploitation has not been confirmed at time of analysis.

Open Redirect Path Traversal
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Path traversal in CPython's tarfile module allows a crafted tar archive to bypass the 'data' and 'tar' extraction filters and create a symlink pointing outside the destination directory, enabling out-of-destination file reads or writes when extractall() is later used or the resulting symlink is followed. The flaw is an incomplete fix of CVE-2025-4330: a hardlink referencing a symlink stored at a deeper path than the hardlink itself causes the fallback to validate the symlink at its archived (deep) location but recreate it at the hardlink's shallower path, making a previously 'contained' relative target escape the extraction root. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Path Traversal Cpython
NVD GitHub VulDB
EPSS 1% CVSS 9.2
CRITICAL PATCH Act Now

Arbitrary file write in Crawl4AI Docker API server before 0.8.8 lets unauthenticated remote attackers escape the ALLOWED_OUTPUT_DIR via symlinks and a TOCTOU race on the output_path parameter of the /screenshot and /pdf endpoints, potentially escalating to code execution where the runtime user can write to executable or cron paths. No public exploit identified at time of analysis, but the API is unauthenticated by default and the GHSA confirms the issue was found in an internal security audit.

RCE Path Traversal Crawl4ai
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read and denial-of-service in Zephyr RTOS's ext2 filesystem parser expose embedded devices to filesystem-level attacks via maliciously crafted disk images. The flaw resides in ext2_fetch_direntry() (subsys/fs/ext2/ext2_diskops.c), where insufficient validation of on-disk directory entry fields - specifically de_rec_len and de_name_len against block boundaries - allows a crafted ext2 image to trigger an oversized memcpy (out-of-bounds read) or a zero-progress infinite loop when de_rec_len equals zero. All Zephyr versions are indicated as affected per the wildcard CPE, no public exploit code has been identified at time of analysis, and this CVE is not currently listed in CISA KEV.

Buffer Overflow Path Traversal Denial Of Service +2
NVD GitHub VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Arbitrary file read in Budibase self-hosted server (@budibase/server <= 3.39.0) allows an authenticated workspace builder to exfiltrate any file readable by the server process by uploading a crafted PWA zip containing a symlink entry. Because the default `budibase/budibase:latest` Docker image runs Node as root, attackers can retrieve `/data/.env` (JWT_SECRET, INTERNAL_API_KEY, MinIO/Redis/CouchDB credentials, DATABASE_URL) and even `/etc/shadow`, enabling JWT forgery and full global-admin takeover. Publicly available exploit code exists - a complete working PoC is published in the GHSA advisory - though there is no public exploit identified at time of analysis beyond that disclosure write-up.

Docker CSRF PostgreSQL +1
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Arbitrary file read in WebP Server Go through 0.14.4 on Windows deployments allows unauthenticated remote attackers to retrieve files outside the configured IMG_PATH by sending HTTP requests containing percent-encoded backslashes (%5C), bypassing the path.Clean() sanitization in handler/router.go. The flaw is platform-specific to Windows hosts because Go normalizes only forward slashes while the Windows file API treats backslashes equivalently; no public exploit identified at time of analysis, though VulnCheck has published an advisory and an upstream fix is merged in 0.15.0.

Microsoft Path Traversal Webp Server Go
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Path traversal and sandbox escape in LangChain prior to 1.3.9 allow untrusted inputs - including LLM-generated content steered by adversarial prompts - to escape a configured filesystem root boundary. Three components are affected: a file-search agent middleware that validates a starting directory but not glob patterns or symlink targets; prompt and chain/agent configuration loaders that resolve path fields without root confinement; and path-prefix authorization logic that performs string-prefix comparison without segment boundaries, allowing sibling paths to bypass access controls. No public exploit code has been identified at time of analysis and this CVE does not appear in CISA KEV, but the risk is meaningful for any deployment that exposes LangChain filesystem agents to untrusted user input or LLM prompt injection.

Path Traversal Langchain Langchain Anthropic
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Path traversal in motionEye v0.43.1 allows any authenticated user - including those with normal (non-admin) privileges - to read arbitrary files from the server filesystem via the picture and movie preview API endpoints. The root cause is inconsistent input validation: `get_media_preview()` and `del_media_content()` in `mediafiles.py` omit the `..` sequence check that `get_media_content()` correctly implements, and the Tornado web framework passes percent-encoded slashes (`%2F`) through unmodified to `os.path.join()`. A fully functional public proof-of-concept demonstrating retrieval of `/etc/passwd` is published in the GitHub security advisory; no public exploit identified at time of analysis for CISA KEV, but the low exploitation complexity and pre-computable default-credential signature make exposed instances an immediate practical target.

Path Traversal Python Docker
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

Path traversal in Keras 3.14.0 exposes local file systems to arbitrary file and directory creation when processing maliciously crafted model files. The DiskIOStore.make method constructs directory paths from user-supplied layer names without sanitizing directory traversal sequences (..); since only forward slashes are blocked, embedding .. components in a layer name allows escape from the intended temporary working directory during model save or load operations. No active exploitation (CISA KEV) and no public proof-of-concept has been identified at time of analysis; however, EPSS data was not provided, leaving probabilistic exploitation likelihood unquantified.

Path Traversal Keras Team Keras Red Hat
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Local privilege escalation and denial of service in qSnapper before 1.3.3 stems from path traversal via the configName D-Bus parameter, allowing local attackers to point the snapper backend at attacker-controlled config files. Per the SUSE security review that produced coordinated fixes for CVE-2026-41045 through CVE-2026-41049, exploitation can crash the service or escalate to root through abuse of snapper configuration handling. No public exploit identified at time of analysis, but the upstream advisory and Bugzilla entry document the issue in detail.

Path Traversal Denial Of Service Qsnapper +1
NVD GitHub VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Authenticated path traversal in AIL Framework (CIRCL's Analysis Information Leak threat-intel platform) lets a low-privileged user abuse the investigation workflow to read arbitrary files readable by the AIL process and exfiltrate them inside a generated archive. The flaw is fixed in commit 0041456af25da0cdea1c1c4624e46baff2731d8f, and no public exploit is identified at time of analysis. CVSS 4.0 is 8.3 (High), driven by a scope change where the leaked filesystem content is considered subsequent-system confidentiality impact.

Path Traversal Ail Framework
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to fetch_webpage. Therefore, exfiltration could occur if there is indirect prompt injection.

N A Information Disclosure Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Path traversal in FlowiseAI Flowise's S3 Document Loader component (packages/components/nodes/documentloaders/S3/S3.ts) enables authenticated remote attackers to manipulate S3 object key inputs to access files outside the intended storage scope. Versions 3.1.0 through 3.1.2 are confirmed affected. Publicly available exploit code exists (E:P in the CVSS 4.0 vector), and the vendor did not respond to responsible disclosure, leaving no vendor-confirmed patch at time of analysis.

Path Traversal Flowise
NVD VulDB GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Authenticated path traversal in Craft CMS (4.0.0-RC1 through 4.17.6 and 5.0.0-RC1 through 5.9.12) allows low-privileged users to read arbitrary SVG files on the server via the assets/icon endpoint's extension parameter, which was passed to file existence checks without validation. No public exploit identified at time of analysis, though VulnCheck published an advisory and the upstream fix is visible in commit 30f5f1a. Confidentiality impact is high but no integrity or availability impact, and exploitation requires valid authenticated session.

Path Traversal Cms
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH This Week

Unauthenticated arbitrary file deletion in the Simple File List WordPress plugin (versions up to and including 6.3.7) allows remote attackers to delete any file the web server can write to, including wp-config.php, which can escalate to remote code execution. The flaw lives in the eeSFL_DeleteFile function and is reachable via the simplefilelist_edit_job AJAX action registered through wp_ajax_nopriv_, with the is_admin() guard rendered ineffective because that function always returns true on admin-ajax.php. No public exploit identified at time of analysis, but the trivial reachability and high-value target (WordPress) make weaponization straightforward.

Path Traversal PHP WordPress +2
NVD VulDB
EPSS 1% CVSS 8.1
HIGH This Week

Arbitrary file deletion in the Database for Contact Form 7, WPforms, Elementor forms WordPress plugin (versions ≤1.5.1) allows remote unauthenticated attackers to poison form entries with traversal payloads that, when later viewed by an administrator, delete arbitrary server files and can be escalated to remote code execution by removing wp-config.php. Reported by Wordfence with publicly available exploit code exists via the Wordfence advisory; no public exploit identified at time of analysis as weaponized in-the-wild attacks, and the issue is not in CISA KEV.

Path Traversal PHP WordPress +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Arbitrary file write and read in Symfony UX Toolkit's `ux:install` console command allows a crafted or compromised recipe kit to escape the intended installation directory and overwrite or read attacker-controlled files on a developer's machine or CI runner. Because overwriting controllers, git hooks, or `.env` files yields code execution, this path-traversal flaw escalates to local RCE, and no public exploit identified at time of analysis though the fix and root cause are documented in the upstream GHSA.

Path Traversal RCE
NVD GitHub VulDB
CVSS 6.2
MEDIUM PATCH This Month

Path traversal in Allure Report's built-in HTTP server (allure-commandline <= 2.38.1) allows any client that can reach the server port to read arbitrary files accessible to the Allure process. The vulnerability exists in Commands.setUpServer() where request URI paths are resolved against the report directory without normalization or containment checks, and Java's URI.getPath() additionally percent-decodes sequences like %2e%2e to .., bypassing client-side normalization. A proof-of-concept is publicly available via the GitHub Security Advisory GHSA-82cg-3hv7-74gc; no CISA KEV listing has been confirmed at time of analysis, though real-world risk is materially elevated in CI/CD environments where --host 0.0.0.0 is commonly used.

Path Traversal Microsoft Java
NVD GitHub
MEDIUM PATCH This Month

Symlink-chain path traversal in the go.qbee.io/transport library's extractTar routine allows a crafted tar archive to write or overwrite files one directory level above the intended extraction path. Applications using this library with elevated privileges - specifically qbee-agent, which runs as root - face the most severe impact, as exploitation enables root-privileged arbitrary file writes outside the extraction sandbox. No public exploit is identified at time of analysis; vendor-released patch v1.26.25 resolves the issue.

Path Traversal
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Path traversal in Kestra's `inputFiles` task mechanism allows remote attackers to write arbitrary files to the worker filesystem when flows forward untrusted webhook or execution data as file names. Affected across four release branches (prior to 1.3.19, 1.2.19, 1.1.19, and 1.0.43), exploitation depends on a specific flow design pattern but requires no authentication if the target webhook is publicly accessible. No public exploit code or active exploitation has been identified at time of analysis, but the CVSS integrity impact is rated High due to the ability to create or overwrite files outside the task working directory.

Path Traversal Kestra
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Path traversal in the YARD Ruby documentation server (prior to 0.9.44) allows unauthenticated remote attackers to read arbitrary `.html` files from directories outside the configured document root by supplying crafted `../`-containing request paths such as `/../yard-cache-secret.html`. The flaw exists because the static cache lookup in `StaticCaching#check_static_cache` constructs a filesystem path from the raw `request.path` before the router's own path-sanitization logic runs, enabling traversal to sibling directories. No active exploitation has been identified (not in CISA KEV) and no public POC exists at time of analysis; the vendor-released fix is version 0.9.44.

Path Traversal Yard
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

Arbitrary file write in gonic music streaming server prior to v0.21.0 allows any authenticated Subsonic user - including non-admin accounts - to write attacker-controlled M3U playlist content to any absolute filesystem path on the host, while also creating intermediate directories with world-writable 0o777 permissions. The flaw stems from an unreachable guard clause in ServeCreateOrUpdatePlaylist combined with missing path containment in Store.Write. No public exploit identified at time of analysis, but the GitHub Security Advisory GHSA-4gxv-p5g5-j7w7 documents the issue and a fix is available.

Path Traversal Gonic
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

Authenticated path traversal in gonic music streaming server allows any Subsonic user to read or delete other users' playlists and probe arbitrary host file paths by smuggling `..` segments into the playlist `id` parameter. The flaw bypasses the ownership check introduced in commit 6dd71e6, which derived `playlist.UserID` from the first path segment of the attacker-controlled ID without containing the resolved file path. No public exploit identified at time of analysis, but a proof-of-concept test case is embedded in the upstream patch.

Path Traversal Gonic
NVD GitHub VulDB
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Arbitrary file write via path traversal in Slopsmith (a self-hosted Rocksmith 2014 CDLC web app) prior to 0.2.9-alpha.5 allows an attacker who can supply a malicious PSARC or sloppak archive to write files outside the extraction directory, escalating to remote code execution under the default Docker image which runs as root and exposes a writable plugin directory. The CVSS 4.0 vector reports high privileges required (PR:H), reflecting that the attacker must reach the archive-upload/open functionality of an authenticated user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Path Traversal Python RCE +2
NVD GitHub VulDB
CVSS 6.1
MEDIUM PATCH This Month

Arbitrary local file disclosure in the Rust crate tract-onnx (by Sonos) allows an attacker who supplies a malicious ONNX model file to read arbitrary files from the victim's filesystem at model-load time, with file contents surfaced directly in inference tensor output. The root cause is that `get_external_resources()` in `onnx/src/tensor.rs` passes the attacker-controlled `location` field of ONNX external-data tensors directly to `PathBuf::join()` without sanitization, enabling both absolute-path overrides and relative `../` traversal. A secondary denial-of-service (panic) is possible via out-of-bounds `offset`/`length` values. Publicly available exploit code exists (full PoC confirmed on tract-onnx 0.21.16); no active exploitation has been confirmed by CISA KEV at time of analysis.

Path Traversal Denial Of Service Python +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Path traversal in AIL Framework's `/objects/item/diff` endpoint exposes gzip-compressed server-side files to authenticated users. The Flask blueprint route in `var/www/blueprints/objects_item.py` accepted arbitrary item identifiers via `s1` and `s2` query parameters and attempted to read and compare their contents without first verifying they resolved to legitimate AIL objects, enabling directory traversal sequences to escape the items directory. No active exploitation has been identified at time of analysis; CIRCL reported the issue and an upstream fix is available via a GitHub commit.

Path Traversal Ail Framework
NVD GitHub VulDB
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

Unauthenticated administrator account takeover in FileRise before 3.16.0 is possible via a path traversal flaw in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), where URL-encoded path separators bypass filename validation and allow arbitrary file write outside the upload directory. Any actor holding a valid, non-expired, upload-enabled shared-folder token - tokens explicitly designed to be shared publicly - can overwrite users/users.txt to plant an admin account and, depending on configuration, achieve remote code execution. No public exploit identified at time of analysis, but the upstream fix in v3.16.0 documents the exact bypass, lowering the bar for weaponization.

Path Traversal PHP RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Path traversal in MicroCeph's remote-import API allows enrolled cluster members or join token holders to manipulate files within the `/var/snap/microceph` snap confinement boundary, enabling daemon disruption and cluster state pollution across the squid and tentacle release tracks. The root cause is missing input validation on `name` and `LocalName` parameters in `cmdRemotePut`, permitting `..` sequences to reach unintended directories. No public exploit has been identified at time of analysis; an upstream fix exists as GitHub PR #758 with no confirmed tagged snap release.

Path Traversal Canonical Microceph
NVD GitHub VulDB
EPSS 1% CVSS 9.1
CRITICAL Act Now

Arbitrary file deletion in the Avada (Fusion) Builder WordPress plugin through version 3.15.3 allows remote unauthenticated attackers to delete any file on the server via path traversal in the maybe_delete_files function, which commonly escalates to remote code execution when wp-config.php is removed and WordPress enters setup mode. Wordfence reports the flaw is reachable through the wp_ajax_nopriv_fusion_form_submit_ajax handler on sites that have a published Avada form saving entries to the database. No public exploit identified at time of analysis, but the CVSS 9.1 score reflects trivial network exploitation with no authentication or user interaction.

Path Traversal PHP WordPress +2
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Arbitrary file read via path traversal in the Woosa - Marktplaats for WooCommerce WordPress plugin (versions up to and including 2.0.4) permits authenticated WordPress administrators to escape the plugin's log directory and access any file readable by the web server process, including the sensitive wp-config.php file. The flaw exists in the render_logs_ui() function within class-module-logger-hook-settings.php, which decodes a base64-supplied filename from the log_file GET parameter and concatenates it with the log directory path without any boundary enforcement. No public exploit code or active exploitation has been identified at time of analysis; the attack surface is meaningfully constrained by the Administrator-level privilege requirement (PR:H), though successful exploitation could cascade into full site compromise via exposed database credentials.

Path Traversal WordPress Woosa Marktplaats For Woocommerce
NVD VulDB
EPSS 1% CVSS 9.3
CRITICAL Emergency

Remote code execution in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras allows unauthenticated attackers to run arbitrary code by sending a specially crafted web request to the device's HTTP interface. The flaw was reported through CISA's ICS-CERT coordination process and carries a CVSS 4.0 base score of 9.3, but there is no public exploit identified at time of analysis and the CVE is not on the CISA KEV list.

Path Traversal Information Disclosure RCE +3
NVD GitHub
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Path traversal in PraisonAI's MultiAgentMonitor component (versions <= 1.5.114) lets remote attackers who can supply agent identifiers read, write, or overwrite arbitrary files on the host by embedding '../' sequences in agent IDs. The flaw, disclosed by VulnCheck and tracked as GHSA-766v-q9x3-g744, enables information disclosure, denial of service, and potential code execution in multi-agent AI deployments; no public exploit identified at time of analysis but a detailed PoC is included in the advisory.

Path Traversal Denial Of Service RCE +1
NVD GitHub
CVSS 5.8
MEDIUM PATCH This Month

Unauthenticated SSRF in signalk-server ≤2.27.0 allows remote attackers to force the server to make arbitrary HTTP/HTTPS requests to any destination, including RFC 1918 private ranges, loopback, and cloud metadata services at 169.254.169.254. On default installations where no admin user has been created, the security middleware is a no-op, meaning all three vulnerable endpoints are completely unauthenticated over the network. A detailed public PoC is included in the GitHub advisory demonstrating internal network scanning, AWS IAM credential theft via IMDSv1, and path-traversal-assisted targeted data exfiltration; no CISA KEV listing is present at time of analysis.

Microsoft Docker Kubernetes +4
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Week

Arbitrary file write in HKUDS Nanobot's WhatsApp bridge (versions 0.1.5.post3 and prior) allows remote unauthenticated attackers to write attacker-controlled content to arbitrary filesystem locations by sending a WhatsApp document message with a path-traversal sequence in its fileName field. Because both the destination path and the file content are attacker-controlled, exploitation yields a write-anywhere primitive that can be escalated to remote code execution (e.g., by overwriting authorized_keys or shell startup files). No public exploit identified at time of analysis; a fix is planned for version 0.1.5.post4.

Path Traversal Node.js Nanobot
NVD GitHub
CVSS 5.3
MEDIUM PATCH This Month

Path traversal and query-string injection in the OpenTelemetry Collector Contrib Sentry exporter allows any OTLP span sender to redirect the collector's operator bearer token to arbitrary Sentry API endpoints - including privileged admin, organization, and member management endpoints. The vulnerability stems from the `service.name` span attribute being interpolated directly into Sentry API URLs via `fmt.Sprintf` without validation, while the existing `projectSlugRegexp` safeguard is only applied to operator-configured mappings and never to runtime-derived slugs. No CISA KEV listing exists at time of analysis, but the GHSA advisory provides detailed exploitation steps demonstrating both a universally reliable query-string injection vector and a nginx-dependent path traversal vector, with a fixed version available at 0.154.0.

Path Traversal Nginx Kubernetes
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Grav CMS (getgrav/grav < 1.7.53) exposes admin bcrypt password hashes, SMTP credentials, and full site configuration to any actor who can obtain a session-static admin-nonce value - via XSS, Referrer header leakage, browser history, or proxy logs - because the backup download endpoint enforces only a single URL-embedded nonce with no form-level CSRF token and no session binding. The default backup profile archives the entire GRAV_ROOT directory including user/accounts/ and user/config/ without exclusions, and the download handler Base64-encodes the absolute filesystem path in the response URL, leaking server internals. A fully functional public PoC is available; no CISA KEV listing exists at time of analysis, but downstream risk includes offline hashcat cracking followed by unauthenticated admin login with no server-side rate limiting.

CSRF Information Disclosure RCE +3
NVD GitHub VulDB
EPSS 1% CVSS 8.6
HIGH This Week

Remote code execution in UBB.threads forum software (version 7.7.5 confirmed) is achievable by authenticated users holding template-edit privileges, who can abuse a path traversal weakness to read and write arbitrary files within the web application's privilege scope. CERT-PL reported the issue after vendor contact attempts failed, and there is no public exploit identified at time of analysis. The flaw escalates a routine administrative capability into full server compromise without requiring user interaction.

Path Traversal RCE Ubb Threads
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Path traversal in libzypp's .repo file processing enables low-privileged network-accessible attackers to write content into arbitrary directories on the host filesystem beyond the intended zypp cache boundary. Affected versions span the 17.x series before 17.38.13 and the 16.x series before 16.22.19, covering systems running SUSE Linux Enterprise and openSUSE derivatives that use zypper as their package manager. The primary real-world impact is disk exhaustion across unexpected filesystem paths, causing a denial of service; no confidentiality impact is attributed in the CVSS assessment. No public exploit or CISA KEV listing has been identified at time of analysis.

Path Traversal Libzypp Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write files outside the intended directory by manipulating attachment filenames processed during encrypted PDF generation. Files can be placed in web-accessible locations, enabling potential webshell deployment and integrity compromise. No public exploit identified at time of analysis; the issue was reported by NCSC.ch and is fixed in 15.0.5.

Path Traversal Secure Email Gateway
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Unauthenticated cross-tenant file upload in Typebot.io chatbot builder versions 3.16.1 and earlier allows anonymous visitors of any published bot containing a file-input block to write attacker-controlled HTML, SVG, or JavaScript into arbitrary subpaths of the shared public S3 bucket. The flaw stems from an unauthenticated presigned-URL endpoint that trusts a raw fileName parameter and does not bind Content-Type, enabling stored XSS on the storage origin and content hosting under other tenants' result paths. No public exploit identified at time of analysis, but the CVSS 9.3 (scope-changed) reflects significant cross-tenant impact.

Path Traversal XSS Typebot Io
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Arbitrary file write in BBOT's postman_download module enables a remote attacker to write files outside the intended output directory on a victim's system by controlling a Postman workspace name containing path traversal sequences. When a user runs the postman_download module, BBOT fetches workspace names from the Postman API and constructs local filesystem paths without sanitization, allowing pathlib to resolve paths into arbitrary locations on the victim's host. No public exploit has been identified at time of analysis, though the attack primitive is straightforward given the publicly committed fix details and low attack complexity.

Path Traversal Bbot
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Path traversal in BBOT's unarchive internal module enables a malicious archive hosted by attacker-controlled infrastructure to write files outside the intended extraction directory when BBOT runs on systems with GNU tar < 1.34. This vulnerability is a residual gap from CVE-2025-10284, which resolved git-specific RCE vectors but left the underlying archive extraction path validation entirely unimplemented, relying instead on inconsistent external tool behavior across platforms. No public exploit has been identified at time of analysis; the CVSS vector (AC:H/UI:R) constrains real-world risk to BBOT operators actively scanning attacker-controlled targets on affected OS distributions, but the high integrity impact (I:H) and zero privilege requirement (PR:N) are significant for red-team and CI/CD BBOT deployments running on legacy base images.

Path Traversal Debian Ubuntu +2
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Arbitrary file read in Typemill before 2.24.0 allows authenticated Author-level users to traverse outside the content directory by injecting traversal sequences in the path query parameter when the folder argument is empty, defeating sanitization in Storage::getFolderPath(). Reported by VulnCheck with a vendor patch shipped in 2.24.0/2.24.2; no public exploit identified at time of analysis, and the CVSS 4.0 base score of 7.1 reflects high confidentiality impact with low-privilege network access.

Path Traversal Typemill
NVD GitHub
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Path traversal in Evil-WinRM through 3.9 lets a malicious or compromised remote Windows server overwrite arbitrary files on the operator's client machine when the user invokes the download_dir() function. Because Evil-WinRM is the offensive operator's tool, this inverts the trust model - the 'target' Windows host becomes the attacker and the red teamer or admin running Evil-WinRM becomes the victim, with realistic outcomes including persistent SSH access via overwritten authorized_keys. No public exploit identified at time of analysis, but a public upstream patch (commit 6ecd570) discloses the exact unsanitized File.join() sink.

Path Traversal Privilege Escalation Microsoft +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Arbitrary file read in jknack handlebars.java versions prior to 4.5.2 allows remote unauthenticated attackers to retrieve files outside the intended template directory when applications pass user-controlled input to Handlebars.compile() with a FileTemplateLoader or ClassPathTemplateLoader. The flaw stems from missing path canonicalization in the template loaders, enabling classic ../ traversal sequences to escape the configured template prefix. No public exploit identified at time of analysis, but the GitHub Security Advisory GHSA-r4gv-qr8j-p3pg documents the issue and the fix is available in 4.5.2.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Open redirect in Gitea's login flow allows external domain hijacking by bypassing the `urlIsRelative` validation in `modules/httplib/url.go` through a combination of directory traversal sequences and a backslash in the `redirect_to` parameter. All Gitea instances running version 1.25.4 and below are affected; a working proof-of-concept is publicly available in the GitHub Security Advisory. Exploitation enables phishing via trusted Gitea domains, OAuth/SSO authorization code theft, Referer-header leakage of sensitive parameters, and potential cache poisoning — no public exploit identified as confirmed actively exploited (CISA KEV absent).

Gitea Path Traversal Open Redirect
NVD GitHub
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Authenticated path traversal and SSRF in Open WebUI's terminal-server reverse proxy (versions <= 0.9.5) allows non-admin users with granted terminal access to escape the intended path or policy scope using double-encoded traversal sequences (%252e%252e). The flaw bypasses the project's own _sanitize_proxy_path mitigation, which performs only a single URL-decode pass before the '..' check, letting attackers reach unintended endpoints, files, and internal services routed by the terminal server. No public exploit identified at time of analysis, though the vendor advisory includes working proof-of-concept request strings.

Path Traversal Python SSRF
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

Authenticated remote command execution in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) allows administrators to run arbitrary OS commands and escalate to root via a crafted HTTP request. The flaw, tracked as CVE-2026-20181 and reported by Cisco with a CVSS 3.1 score of 9.1 (scope-changed), can also crash single-node deployments and deny network access to unauthenticated endpoints. There is no public exploit identified at time of analysis.

Path Traversal Cisco Denial Of Service +2
NVD VulDB
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Arbitrary file read in picklescan versions before 0.0.35 allows remote unauthenticated attackers to exfiltrate sensitive server files by abusing standard-library callables that the tool's RCE-focused blocklist fails to detect. By chaining io.FileIO and urllib.request.urlopen inside a malicious pickle, an attacker can stream contents of files such as /etc/passwd to an attacker-controlled URL when the scanner processes untrusted model artifacts. Publicly available exploit code exists in the GHSA advisory, but there is no public exploit identified at time of analysis in the form of in-the-wild abuse.

Path Traversal Deserialization Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Sibling-prefix path traversal in open-webui 0.9.5 and earlier allows any authenticated user to read arbitrary files from directories adjacent to the configured cache directory, provided those directories share the string prefix 'cache' (e.g., cache_backup, cached_models). The flaw exists in serve_cache_file() at main.py:2914, where a missing trailing path separator in the startswith boundary check causes os.path.abspath() to validate resolved sibling paths as if they were within the cache root. Publicly available exploit code exists in the GHSA advisory (PoC confirmed against open-webui 0.9.5 via raw ASGI delivery); no confirmed active exploitation (not in CISA KEV) at time of analysis.

Path Traversal Python
NVD GitHub
EPSS 0% CVSS 8.6
HIGH This Week

Path traversal in EMV JobCareer WordPress theme versions up to and including 7.3 allows remote unauthenticated attackers to delete arbitrary files outside the intended directory, leading to high availability impact with scope change. Reported by Patchstack and tracked under CWE-22, this flaw carries a CVSS 3.1 score of 8.6, though no public exploit identified at time of analysis. The Patchstack advisory characterizes this as an arbitrary file deletion vulnerability rather than a read primitive.

Path Traversal Jobcareer
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Unauthenticated arbitrary file deletion in the WorkScout-Core WordPress plugin (versions <= 1.7.11) allows any remote attacker to delete files on the underlying server without credentials. The flaw stems from a path traversal weakness (CWE-22) in a file-handling endpoint that fails to sanitize user-supplied input before constructing filesystem paths. Exploitation requires no authentication, no user interaction, and no special configuration, meaning every publicly reachable WordPress installation running this plugin version is exposed; no public exploit or CISA KEV listing has been identified at time of analysis.

Path Traversal Workscout Core
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Arbitrary file deletion in the Fusion Builder WordPress plugin (versions <= 3.15.4) allows authenticated users with Contributor-level privileges to delete arbitrary files on the underlying server via a path traversal flaw. Deletion of critical files such as wp-config.php can force WordPress into setup mode, enabling site takeover; no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Path Traversal Fusion Builder
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal.1.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Conversational Forms For Chatbot
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Arbitrary file download via path traversal in the Client Portal (Pro) WordPress plugin versions 5.6.2 and earlier exposes sensitive server-side files to authenticated low-privilege users. The CWE-22 flaw allows any registered portal user to craft a file request that escapes the intended directory boundary and retrieve arbitrary files accessible to the web server process - including wp-config.php containing database credentials. No public exploit or CISA KEV listing exists at time of analysis, but the high confidentiality impact combined with low attack complexity makes this a meaningful data exposure risk on affected WordPress installations.

Path Traversal Client Portal Pro
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Unauthenticated arbitrary file deletion in the OvaTheme BookPro WordPress plugin (versions ≤ 1.1.0) allows remote attackers to delete arbitrary files from the underlying server via a path traversal flaw (CWE-22). Deletion of critical files such as wp-config.php can force a WordPress site into the setup state, enabling site takeover, while the scope-changed CVSS 3.1 score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/A:H) and Patchstack disclosure mark this as a high-priority issue despite no public exploit being identified at time of analysis.

Path Traversal Bookpro
NVD
Prev Page 4 of 86 Next

Quick Facts

Typical Severity
HIGH
Category
web
Total CVEs
7719

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy