Fallos del tipo CWE-22
4856 resultadosCVE-2026-28393HIGHOpenClaw 2.0.0-beta3 < 2026.2.14 - Arbitrary JavaScript Module Loading via Hook Transform Path TraversalEPSS 0.4%CVE-2025-47512HIGHWordPress Tainacan plugin <= 0.21.14 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-40876HIGHSFTP root escape via prefix-based path validation in goshsEPSS 0.4%CVE-2024-22377MEDIUMPingFederate Runtime Node Path TraversalEPSS 0.4%CVE-2025-31053HIGHWordPress KBx Pro Ultimate plugin < 8.0.5 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-9467MEDIUMdebugmcp mcp-debugger server.ts handleGetSourceContext path traversalEPSS 0.4%CVE-2019-1836MEDIUMCisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Symbolic Link Path Traversal VulnerabilityEPSS 0.4%CVE-2026-4222MEDIUMSSCMS download PathUtils.RemoveParentPath path traversalEPSS 0.4%CVE-2025-36236HIGHAIX Path TraversalEPSS 0.4%CVE-2026-35050CRITICALtext-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml".EPSS 0.4%CVE-2026-25635HIGHcalibre has a Path Traversal Leading to Arbitrary File Write and Potential Code ExecutionEPSS 0.4%CVE-2026-14635MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Vendor Multi-Image Endpoint AddProduct.php path traversalEPSS 0.4%CVE-2026-26202HIGHPenpot has Arbitrary File Read via create-font-variant RPC endpointEPSS 0.4%CVE-2026-24123HIGHBentoML has a Path Traversal via Bentofile ConfigurationEPSS 0.4%CVE-2024-54535MEDIUMA path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, EPSS 0.4%CVE-2026-23851HIGHSiYuan Vulnerable to Arbitrary File Read via File Copy FunctionalityEPSS 0.4%CVE-2025-54162MEDIUMFile Station 5EPSS 0.4%CVE-2026-28679HIGHHomeGallery: Path Traversal (Arbitrary File Read)EPSS 0.4%CVE-2026-39938CRITICALCacti: Unauthenticated RCE on Graph ImageEPSS 0.4%CVE-2025-1357MEDIUMSeventh D-Guard HTTP GET Request path traversalEPSS 0.4%