Weaknesses of type CWE-22

4,838 results
CVE-2025-67819MEDIUMAn issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker EPSS 0.4%CVE-2025-7896MEDIUMharry0703 MoneyPrinterTurbo video.py delete_video path traversalEPSS 0.4%CVE-2025-48130HIGHWordPress Spice Blocks plugin <= 2.0.7.4 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-24125MEDIUMPath Traversal in @tinacms/graphqlEPSS 0.4%CVE-2025-47535HIGHWordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-7159MEDIUMdouinc mkdocs-mcp-plugin server.py list_documents path traversalEPSS 0.4%CVE-2025-66251HIGHUnauthenticated Path Traversal with Arbitrary File DeletionEPSS 0.4%CVE-2025-54819HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:EPSS 0.4%CVE-2025-59744HIGHMultiple vulnerabilities in AndSoft's e-TMSEPSS 0.4%CVE-2025-61586MEDIUMFreshRSS is vulnerable to directory enumeration by setting path in its theme fieldEPSS 0.4%CVE-2026-28462HIGHOpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output PathsEPSS 0.4%CVE-2025-11016MEDIUMkalcaddle kodbox index.class.php fileOut path traversalEPSS 0.4%CVE-2026-7272MEDIUMWilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversalEPSS 0.4%CVE-2024-8647MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLabEPSS 0.4%CVE-2026-44716HIGHPipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded SeparatorEPSS 0.4%CVE-2025-59336MEDIUMRelative Path Traversal in LuanoxEPSS 0.4%CVE-2023-52144MEDIUMWordPress Product Feed Manager plugin <= 7.3.15 - Directory Traversal vulnerabilityEPSS 0.4%CVE-2026-52830CRITICALfast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protectionEPSS 0.4%CVE-2025-29845MEDIUMA vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files.EPSS 0.4%CVE-2026-5597MEDIUMgriptape-ai griptape ComputerTool tool.py path traversalEPSS 0.4%