Total
8076 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54748 | 2 Mapsvg, Wordpress | 2 Mapsvg, Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through < 8.6.12. | ||||
| CVE-2026-23745 | 1 Isaacs | 1 Tar | 2026-01-20 | 8.2 High |
| node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets. This vulnerability is fixed in 7.5.3. | ||||
| CVE-2025-8110 | 1 Gogs | 1 Gogs | 2026-01-20 | 8.8 High |
| Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code. | ||||
| CVE-2026-23535 | 1 Weblateorg | 1 Wlc | 2026-01-19 | 8.1 High |
| wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2. | ||||
| CVE-2025-68705 | 1 Rustfs | 1 Rustfs | 2026-01-16 | 9.8 Critical |
| RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-alpha.78, RustFS contains a path traversal vulnerability in the /rustfs/rpc/read_file_stream endpoint. This issue has been patched in version 1.0.0-alpha.79. | ||||
| CVE-2023-53962 | 1 Sound4 | 18 Big Voice2, Big Voice2 Firmware, Big Voice4 and 15 more | 2026-01-16 | 7.5 High |
| SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with directory traversal sequences to write files to unintended system locations. | ||||
| CVE-2022-50796 | 1 Sound4 | 21 Big Voice2, Big Voice2 Firmware, Big Voice4 and 18 more | 2026-01-16 | 9.8 Critical |
| SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability in the firmware upload functionality with path traversal flaw. Attackers can exploit the upload.cgi script to write malicious files to the system with www-data permissions, enabling unauthorized access and code execution. | ||||
| CVE-2022-50792 | 1 Sound4 | 21 Big Voice2, Big Voice2 Firmware, Big Voice4 and 18 more | 2026-01-16 | 7.5 High |
| SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive system files. Attackers can exploit the vulnerability by manipulating the 'file' GET parameter to disclose arbitrary files on the affected device. | ||||
| CVE-2025-68428 | 1 Parall | 1 Jspdf | 2026-01-16 | 7.5 High |
| jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF. | ||||
| CVE-2025-42894 | 1 Sap | 1 Business Connector | 2026-01-16 | 6.8 Medium |
| Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system commands on the server, resulting in a complete compromise of the confidentiality, integrity, and availability of the affected system. | ||||
| CVE-2021-47795 | 1 Geovision | 1 Geowebserver | 2026-01-16 | 6.2 Medium |
| GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts. | ||||
| CVE-2026-22876 | 1 Toa Corporation | 1 Trifora 3 Series | 2026-01-16 | N/A |
| Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If this vulnerability is exploited, arbitrary files on the affected product may be retrieved by a logged-in user with the low("monitoring user") or higher privilege. | ||||
| CVE-2025-66292 | 1 Donknap | 1 Dpanel | 2026-01-16 | 8.1 High |
| DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative backend, this interface can be used to delete files. The vulnerability lies in the Delete function within the app/common/http/controller/attach.go file. The path parameter submitted by the user is directly passed to storage.Local{}.GetSaveRealPath and subsequently to os.Remove without proper sanitization or checking for path traversal characters (../). And the helper function in common/service/storage/local.go uses filepath.Join, which resolves ../ but does not enforce a chroot/jail. This vulnerability is fixed in 1.9.2. | ||||
| CVE-2024-1132 | 1 Redhat | 23 Amq Broker, Build Keycloak, Build Of Keycloak and 20 more | 2026-01-16 | 8.1 High |
| A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL. | ||||
| CVE-2025-14301 | 3 Woocommerce, Woosaai, Wordpress | 3 Woocommerce, Integration Opvius Ai For Woocommerce, Wordpress | 2026-01-15 | 9.8 Critical |
| The Integration Opvius AI for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.0. This is due to the `process_table_bulk_actions()` function processing user-supplied file paths without authentication checks, nonce verification, or path validation. This makes it possible for unauthenticated attackers to delete or download arbitrary files on the server via the `wsaw-log[]` POST parameter, which can be leveraged to delete critical files like `wp-config.php` or read sensitive configuration files. | ||||
| CVE-2025-11540 | 1 Sharp | 52 Np-cr5450h, Np-cr5450h Firmware, Np-cr5450hl and 49 more | 2026-01-15 | 7.5 High |
| Path Traversal vulnerability in Sharp Display Solutions projectors allows a attacker may access and read any files within the projector. | ||||
| CVE-2025-65025 | 2 Esm, Esm-dev | 2 Esm.sh, Esmsh | 2026-01-15 | 8.2 High |
| esm.sh is a nobuild content delivery network(CDN) for modern web development. Prior to version 136, the esm.sh CDN service is vulnerable to path traversal during NPM package tarball extraction. An attacker can craft a malicious NPM package containing specially crafted file paths (e.g., package/../../tmp/evil.js). When esm.sh downloads and extracts this package, files may be written to arbitrary locations on the server, escaping the intended extraction directory. This issue has been patched in version 136. | ||||
| CVE-2025-4529 | 1 Seeyon | 1 Oa Web Application System | 2026-01-15 | 4.3 Medium |
| A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been classified as problematic. Affected is the function Download of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\WEB-INF\lib\seeyon-apps-m3.jar!\com\seeyon\apps\m3\core\controller\M3CoreController.class of the component ZIP File Handler. The manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9142 | 1 Checkpoint | 1 Harmony Sase | 2026-01-15 | 7.5 High |
| A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory. | ||||
| CVE-2025-67254 | 1 Nagios | 2 Nagios Xi, Xi | 2026-01-15 | 7.5 High |
| NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnapshots.php. | ||||