Total: 8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-24486 | 1 Fastapiexpert | 1 Python-multipart | 2026-02-17 | N/A | 8.6 HIGH |

Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename. Users should upgrade to version 0.0.22 to receive a patch or, as a workaround, avoid using `UPLOAD_KEEP_FILENAME=True` in project configurations.

| CVE-2021-41773 | 4 Apache, Fedoraproject, Netapp and 1 more | 4 Http Server, Fedora, Cloud Backup and 1 more | 2026-02-17 | 4.3 MEDIUM | 9.8 CRITICAL |

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue is known to be exploited in the ...

| CVE-2026-25964 | 1 Tandoor | 1 Recipes | 2026-02-17 | N/A | 4.9 MEDIUM |

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traversal vulnerability in the RecipeImport workflow of Tandoor Recipes allows authenticated users with import permissions to read arbitrary files on the server. This vulnerability stems from a lack of input validation in the file_path parameter and insufficient checks in the Local storage backend, enabling an attacker to bypass storage directory restrictions and access sen ...

| CVE-2025-12757 | 1 Axis | 1 Camera Station Pro | 2026-02-17 | N/A | 4.6 MEDIUM |

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.

| CVE-2025-70084 | 1 Opensatkit | 1 Opensatkit | 2026-02-17 | N/A | 7.5 HIGH |

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtil_GetFileInfo function.

| CVE-2025-69055 | | | 2026-02-17 | N/A | 6.5 MEDIUM |

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder allows Path Traversal. This issue affects BM Content Builder: from n/a before 3.16.3.3.

| CVE-2025-9566 | | | 2026-02-16 | N/A | 8.1 HIGH |

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.

Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1

| CVE-2025-69770 | | | 2026-02-13 | N/A | 10.0 CRITICAL |

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file.

| CVE-2026-25161 | 1 Alistgo | 1 Alist | 2026-02-13 | N/A | 8.8 HIGH |

Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application contains path traversal vulnerability in multiple file operation handlers. An authenticated attacker can bypass directory-level authorisation by injecting traversal sequences into filename components, enabling unauthorised file removal, movement and copying across user boundaries within the same storage mount. This issue has been patched in version 3.57.0.

| CVE-2022-45969 | 1 Alistgo | 1 Alist | 2026-02-13 | N/A | 9.8 CRITICAL |

Alist v3.4.0 is vulnerable to Directory Traversal.

| CVE-2025-25652 | 1 Eptura | 1 Archibus | 2026-02-13 | N/A | 7.5 HIGH |

In Eptura Archibus 2024.03.01.109, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to directory traversal.

| CVE-2026-0651 | 1 Tp-link | 2 Tapo C260, Tapo C260 Firmware | 2026-02-13 | N/A | 7.8 HIGH |

On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, allowing local unauthenticated probing of filesystem paths. An attacker on the local network can determine whether certain files exist on the device, with no read, write or code execution possibilities.

| CVE-2026-1588 | 1 Jishenghua | 1 Jsherp | 2026-02-13 | 3.3 LOW | 2.7 LOW |

A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

| CVE-2026-25895 | 1 Frangoteam | 1 Fuxa | 2026-02-13 | N/A | 9.8 CRITICAL |

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10.

| CVE-2026-25951 | 1 Frangoteam | 1 Fuxa | 2026-02-13 | N/A | 7.2 HIGH |

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences (e.g., ....//), an attacker can write arbitrary files to the server filesystem, including sensitive directories like runtime/scripts. This leads to Remote Code Execution (RCE) when the server reloads the malicious scrip ...

| CVE-2025-47176 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-02-13 | N/A | 7.8 HIGH |

'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.

| CVE-2026-20660 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-02-13 | N/A | 7.5 HIGH |

A path handling issue was addressed with improved logic. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote user may be able to write arbitrary files.

| CVE-2020-37041 | 1 Citeum | 1 Opencti | 2026-02-13 | N/A | 7.5 HIGH |

OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences (e.g., '../') in the URL. For example, requesting /static/css//../../../../../../../../etc/passwd returns the contents of /etc/passwd. This vulnerability was discovered by Raif Berkay Dincel and confirmed on Linux Mint and Windows 10.

| CVE-2021-47724 | 1 Stvs | 1 Provision | 2026-02-13 | N/A | 6.5 MEDIUM |

STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. Attackers can send GET requests to /archive/download with directory traversal sequences to read sensitive system files like /etc/passwd.

| CVE-2024-44825 | | | 2026-02-13 | N/A | 7.5 HIGH |

Directory Traversal vulnerability in Centro de Tecnologia da Informação Renato Archer InVesalius3 v3.1.99995 allows attackers to write arbitrary files onto the system via a crafted .inv3 file.

| CVE-2025-43417 | 1 Apple | 1 Macos | 2026-02-13 | N/A | 5.5 MEDIUM |

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sonoma 14.8.4. An app may be able to access user-sensitive data.

| CVE-2026-20653 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-02-13 | N/A | 5.5 MEDIUM |

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.

| CVE-2026-25475 | 1 Openclaw | 1 Openclaw | 2026-02-13 | N/A | 6.5 MEDIUM |

OpenClaw is a personal AI assistant. Prior to version 2026.1.30, the isValidMedia() function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/file, exfiltrating sensitive data to the user/channel. This issue has been patched in version 2026.1.30.

| CVE-2019-25333 | | | 2026-02-13 | N/A | 7.5 HIGH |

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive files like /etc/passwd outside the web root directory.

| CVE-2025-64074 | | | 2026-02-12 | N/A | 5.3 MEDIUM |

A path-traversal vulnerability in the logout functionality of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to delete arbitrary files on the host by supplying a crafted session cookie value.

| CVE-2026-20625 | 1 Apple | 2 Macos, Visionos | 2026-02-12 | N/A | 5.5 MEDIUM |

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data.

| CVE-2025-14914 | 1 Ibm | 1 Websphere Application Server | 2026-02-12 | N/A | 7.6 HIGH |

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.

| CVE-2026-24741 | 1 C4illin | 1 Convertx | 2026-02-12 | N/A | 8.1 HIGH |

ConvertX is a self-hosted online file converter. In versions prior to 0.17.0, the `POST /delete` endpoint uses a user-controlled `filename` value to construct a filesystem path and deletes it via `unlink` without sufficient validation. By supplying path traversal sequences (e.g., `../`), an attacker can delete arbitrary files outside the intended uploads directory, limited only by the permissions of the server process. Version 0.17.0 fixes the issue.

| CVE-2026-20669 | 1 Apple | 1 Macos | 2026-02-12 | N/A | 5.5 MEDIUM |

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

| CVE-2025-54162 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 4.9 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5068 and later

| CVE-2025-62853 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 6.5 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5166 and later

| CVE-2025-62855 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 4.4 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5190 and later

| CVE-2025-62856 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 4.4 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5190 and later

| CVE-2025-66278 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 6.5 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5190 and later

| CVE-2026-22894 | 1 Qnap | 1 File Station | 2026-02-12 | N/A | 6.5 MEDIUM |

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5190 and later

| CVE-2025-69874 | | | 2026-02-12 | N/A | 9.8 CRITICAL |

nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing a path traversal sequence.

| CVE-2020-37214 | | | 2026-02-12 | N/A | 7.5 HIGH |

Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files.

| CVE-2025-58470 | 1 Qnap | 1 Qsync Central | 2026-02-12 | N/A | 6.5 MEDIUM |

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

| CVE-2025-68406 | 1 Qnap | 1 Qsync Central | 2026-02-12 | N/A | 6.5 MEDIUM |

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

| CVE-2025-3722 | 1 Trellix | 1 System Information Reporter | 2026-02-11 | N/A | 4.4 MEDIUM |

A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem, possibly overwriting existing files and disclosing sensitive information.
