Weaknesses of type CWE-22

4,854 results
CVE-2025-61784HIGHLLaMA Factory's Chat API has Critical SSRF and LFI VulnerabilitiesEPSS 0.4%CVE-2025-13681MEDIUMBFG Tools – Extension Zipper <= 1.0.7 - Authenticated (Administrator+) Path Traversal via 'first_file' ParameterEPSS 0.4%CVE-2025-53588HIGHWordPress UPC/EAN/GTIN Code Generator Plugin <= 2.0.2 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-54017HIGHOpen WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversalEPSS 0.3%CVE-2025-64107HIGHCursor is Vulnerable to Path Manipulation Using Backslashes on WindowsEPSS 0.3%CVE-2026-6262MEDIUMBetheme <= 28.4 - Authenticated (Contributor+) Arbitrary File Deletion via 'mfn-icon-upload'EPSS 0.3%CVE-2025-6774MEDIUMgooaclok819 sublinkX template.go AddTemp path traversalEPSS 0.3%CVE-2026-33171MEDIUMStatamic has a path traversal in file dictionary fieldtypeEPSS 0.3%CVE-2026-29185LOW@backstage/integration: Potential reading of SCM URLs using built in tokenEPSS 0.3%CVE-2025-5380MEDIUMashinigit 天青一白 XueShengZhuSu 学生住宿管理系统 Image File Upload upload path traversalEPSS 0.3%CVE-2025-10245MEDIUMDisplay Painéis TGA Galeria rename path traversalEPSS 0.3%CVE-2023-26243HIGHAn issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used toEPSS 0.3%CVE-2025-59414LOWNuxt Client-Side Path Traversal in Nuxt Island Payload RevivalEPSS 0.3%CVE-2026-15138MEDIUMtumf mcp-text-editor text_editor.py _validate_file_path path traversalEPSS 0.3%CVE-2024-21904MEDIUMQTS, QuTS heroEPSS 0.3%CVE-2025-11531MEDIUMHP System Event Utility and Omen Gaming Hub – Potential Arbitrary Code ExecutionEPSS 0.3%CVE-2026-6620MEDIUMSonicCloudOrg sonic-server File Upload Endpoint FileTool.java upload path traversalEPSS 0.3%CVE-2024-12429MEDIUMAn attacker who successfully exploited these vulnerabilities could grant read access to files. A vulnerability exists in the AC500 V3 versioEPSS 0.3%CVE-2026-4999MEDIUMz-9527 admin isImg Check upload.js uploadFile path traversalEPSS 0.3%CVE-2026-56066MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerabilityEPSS 0.3%