Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: cwe-35 Clear
ID Title
CVE-2026-49779 Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.
Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.
CVE-2026-52707 Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
CVE-2026-52703 Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
CVE-2026-49112 Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.
Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.
CVE-2026-42661 Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
CVE-2026-40128 Vulnerability in path-traversal (CVE-2026-40128)
vulnerability in path-traversal (CVE-2026-40128). Successful exploitation can lead to full system takeover.
CVE-2026-24315 Vulnerability in CVE-2026-24315 (CVE-2026-24315)
vulnerability in CVE-2026-24315 (CVE-2026-24315). Risk of unauthorized operations or information disclosure.
CVE-2026-45661 Path Traversal in path-traversal (CVE-2026-45661)
path traversal in path-traversal (CVE-2026-45661). Successful exploitation can lead to full system takeover.
CVE-2026-44933 Vulnerability in CVE-2026-44933 (CVE-2026-44933)
vulnerability in CVE-2026-44933 (CVE-2026-44933). Successful exploitation can lead to full system takeover. Exploitable via ``PluginScript``.
CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2026-7302 Vulnerability in sglang (CVE-2026-7302)
vulnerability in sglang (CVE-2026-7302). Data can be tampered with by attackers.
CVE-2026-42930 Vulnerability in f5 (CVE-2026-42930)
vulnerability in f5 (CVE-2026-42930). Confidential information can be exposed externally.
CVE-2026-24464 Vulnerability in path-traversal (CVE-2026-24464)
vulnerability in path-traversal (CVE-2026-24464). Data can be tampered with by attackers.
CVE-2026-25705 Vulnerability in github.com/rancher/rancher (CVE-2026-25705)
vulnerability in github.com/rancher/rancher (CVE-2026-25705). Successful exploitation can lead to full system takeover. Exploitable via ``compressedEndpoint``. Mitigation: upgrade to `2.11.13` or later.
CVE-2026-0804 Vulnerability in path-traversal (CVE-2026-0804)
vulnerability in path-traversal (CVE-2026-0804). Successful exploitation can lead to full system takeover.
CVE-2026-20034 Vulnerability in Cisco unity-connection (CVE-2026-20034)
vulnerability in Cisco unity-connection (CVE-2026-20034). Successful exploitation can lead to full system takeover.
CVE-2026-6074 Vulnerability in cisa (CVE-2026-6074)
vulnerability in cisa (CVE-2026-6074). Successful exploitation can lead to full system takeover.
CVE-2026-42274 Vulnerability in github.com/dadrus/heimdall (CVE-2026-42274)
vulnerability in github.com/dadrus/heimdall (CVE-2026-42274). Risk of unauthorized operations or information disclosure. Exploitable via ``allow_encoded_slashes``. Mitigation: upgrade to `0.17.14` or later.
CVE-2025-68428 Vulnerability in path-traversal (CVE-2025-68428)
vulnerability in path-traversal (CVE-2025-68428). Confidential information can be exposed externally. Exploitable via ``addImage``.
CVE-2025-8088 KEV [KEV] Vulnerability in Rarlab winrar (CVE-2025-8088)
vulnerability in Rarlab winrar (CVE-2025-8088). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-54216 Vulnerability in path-traversal (CVE-2024-54216)
vulnerability in path-traversal (CVE-2024-54216). Confidential information can be exposed externally.
CVE-2024-39171 Path Traversal in phpvibe (CVE-2024-39171)
path traversal in phpvibe (CVE-2024-39171). Successful exploitation can lead to full system takeover.
CVE-2022-3693 Path Traversal in path-traversal (CVE-2022-3693)
path traversal in path-traversal (CVE-2022-3693). Confidential information can be exposed externally.
CVE-2022-2265 Path Traversal in path-traversal (CVE-2022-2265)
path traversal in path-traversal (CVE-2022-2265). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →