Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: path-traversal Clear
ID Title
CVE-2026-53480 Path Traversal in path-traversal (CVE-2026-53480)
path traversal in path-traversal (CVE-2026-53480). Risk of unauthorized operations or information disclosure.
CVE-2026-58654 Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-14244 Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
CVE-2026-53481 Path Traversal in path-traversal (CVE-2026-53481)
path traversal in path-traversal (CVE-2026-53481). Successful exploitation can lead to full system takeover.
CVE-2026-9181 Path Traversal in path-traversal (CVE-2026-9181)
path traversal in path-traversal (CVE-2026-9181). Successful exploitation can lead to full system takeover.
CVE-2026-40047 Vulnerability in apache (CVE-2026-40047)
vulnerability in apache (CVE-2026-40047). Confidential information can be exposed externally. Exploitable via ``docling``.
CVE-2026-24014 Vulnerability in apache (CVE-2026-24014)
vulnerability in apache (CVE-2026-24014). Successful exploitation can lead to full system takeover.
CVE-2026-14636 Path Traversal in path-traversal (CVE-2026-14636)
path traversal in path-traversal (CVE-2026-14636). Risk of unauthorized operations or information disclosure.
CVE-2026-14635 Path Traversal in path-traversal (CVE-2026-14635)
path traversal in path-traversal (CVE-2026-14635). Risk of unauthorized operations or information disclosure.
CVE-2026-58522 Vulnerability in path-traversal (CVE-2026-58522)
vulnerability in path-traversal (CVE-2026-58522). Confidential information can be exposed externally.
CVE-2026-58300 Vulnerability in path-traversal (CVE-2026-58300)
vulnerability in path-traversal (CVE-2026-58300). Confidential information can be exposed externally.
CVE-2026-57988 Vulnerability in path-traversal (CVE-2026-57988)
vulnerability in path-traversal (CVE-2026-57988). Data can be tampered with by attackers.
CVE-2026-41124 Path Traversal in path-traversal (CVE-2026-41124)
path traversal in path-traversal (CVE-2026-41124). Risk of unauthorized operations or information disclosure.
CVE-2026-47896 Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
CVE-2026-47897 Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
CVE-2026-9725 Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
CVE-2026-14352 Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-14327 Path Traversal in wordpress (CVE-2026-14327)
path traversal in wordpress (CVE-2026-14327). Confidential information can be exposed externally.
CVE-2026-58467 Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
CVE-2026-13251 Path Traversal in wordpress (CVE-2026-13251)
path traversal in wordpress (CVE-2026-13251). Confidential information can be exposed externally.
CVE-2026-58451 Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
CVE-2026-6070 Vulnerability in wordpress (CVE-2026-6070)
vulnerability in wordpress (CVE-2026-6070). Data can be tampered with by attackers.
CVE-2026-48314 Path Traversal in path-traversal (CVE-2026-48314)
path traversal in path-traversal (CVE-2026-48314). Risk of unauthorized operations or information disclosure.
CVE-2026-48313 Path Traversal in path-traversal (CVE-2026-48313)
path traversal in path-traversal (CVE-2026-48313). Confidential information can be exposed externally.
CVE-2026-48282 KEV [KEV] Path Traversal in Adobe path-traversal (CVE-2026-48282)
path traversal in Adobe path-traversal (CVE-2026-48282). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-11367 Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
CVE-2026-11720 Path Traversal in path-traversal (CVE-2026-11720)
path traversal in path-traversal (CVE-2026-11720). Confidential information can be exposed externally.
CVE-2026-40521 Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
CVE-2026-13528 Path Traversal in vue (CVE-2026-13528)
path traversal in vue (CVE-2026-13528). Risk of unauthorized operations or information disclosure.
CVE-2026-13503 Path Traversal in path-traversal (CVE-2026-13503)
path traversal in path-traversal (CVE-2026-13503). Risk of unauthorized operations or information disclosure.
CVE-2026-52884 Vulnerability in cpp (CVE-2026-52884)
vulnerability in cpp (CVE-2026-52884). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.2` or later.
CVE-2025-55017 Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
CVE-2025-64152 Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
CVE-2025-10268 Vulnerability in wordpress (CVE-2025-10268)
vulnerability in wordpress (CVE-2025-10268). Risk of unauthorized operations or information disclosure.
CVE-2025-71338 Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
CVE-2025-71333 Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
CVE-2025-71324 Vulnerability in path-traversal (CVE-2025-71324)
vulnerability in path-traversal (CVE-2025-71324). Confidential information can be exposed externally.
CVE-2026-40084 Path Traversal in path-traversal (CVE-2026-40084)
path traversal in path-traversal (CVE-2026-40084). Confidential information can be exposed externally.
CVE-2026-45233 Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
CVE-2026-49506 Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
CVE-2026-45188 Vulnerability in apache (CVE-2026-45188)
vulnerability in apache (CVE-2026-45188). Risk of unauthorized operations or information disclosure.
CVE-2026-8662 Path Traversal in path-traversal (CVE-2026-8662)
path traversal in path-traversal (CVE-2026-8662). Risk of unauthorized operations or information disclosure.
CVE-2026-39899 Path Traversal in path-traversal (CVE-2026-39899)
path traversal in path-traversal (CVE-2026-39899). Risk of unauthorized operations or information disclosure.
CVE-2026-7547 Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
CVE-2026-54414 Path Traversal in path-traversal (CVE-2026-54414)
path traversal in path-traversal (CVE-2026-54414). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.16.0` or later.
CVE-2026-55760 Path Traversal in com.github.jknack:handlebars (CVE-2026-55760)
path traversal in com.github.jknack:handlebars (CVE-2026-55760). Confidential information can be exposed externally. Mitigation: upgrade to `4.5.2` or later.
CVE-2026-50203 Path Traversal in apache-airflow-providers-sftp (CVE-2026-50203)
path traversal in apache-airflow-providers-sftp (CVE-2026-50203). Confidential information can be exposed externally. Exploitable via ``SFTPHook.retrieve_directory``. Mitigation: upgrade to `5.8.1` or later.
CVE-2026-53865 Vulnerability in openclaw (CVE-2026-53865)
vulnerability in openclaw (CVE-2026-53865). Confidential information can be exposed externally. Exploitable via ``trash``. Mitigation: upgrade to `2026.5.2` or later.
CVE-2026-53846 Vulnerability in openclaw (CVE-2026-53846)
vulnerability in openclaw (CVE-2026-53846). Confidential information can be exposed externally. Mitigation: upgrade to `2026.4.29` or later.
CVE-2026-42867 Path Traversal in langflow (CVE-2026-42867)
path traversal in langflow (CVE-2026-42867). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/knowledge_bases`. Mitigation: upgrade to `1.9.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →