Fallos del tipo CWE-22
4862 resultadosCVE-2026-15138MEDIUMtumf mcp-text-editor text_editor.py _validate_file_path path traversalEPSS 0.3%CVE-2025-59414LOWNuxt Client-Side Path Traversal in Nuxt Island Payload RevivalEPSS 0.3%CVE-2024-21904MEDIUMQTS, QuTS heroEPSS 0.3%CVE-2023-26243HIGHAn issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used toEPSS 0.3%CVE-2025-28099MEDIUMopencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage.jsp,EPSS 0.3%CVE-2026-42757CRITICALWordPress WebinarIgnition plugin < 4.08.253 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2025-11531MEDIUMHP System Event Utility and Omen Gaming Hub – Potential Arbitrary Code ExecutionEPSS 0.3%CVE-2026-56876HIGHextract-zip unvalidated symlink path traversalEPSS 0.3%CVE-2026-56066MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-4999MEDIUMz-9527 admin isImg Check upload.js uploadFile path traversalEPSS 0.3%CVE-2024-12429MEDIUMAn attacker who successfully exploited these vulnerabilities could grant read access to files. A vulnerability exists in the AC500 V3 versioEPSS 0.3%CVE-2026-6620MEDIUMSonicCloudOrg sonic-server File Upload Endpoint FileTool.java upload path traversalEPSS 0.3%CVE-2026-44353MEDIUMStreamlink: Arbitrary local file read via file:// URI in HLS and DASHEPSS 0.3%CVE-2026-45482HIGHMicrosoft Visual Studio Code CoPilot Chat Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-58192HIGHAppium: Unauthenticated arbitrary file/directory deletion in @appium/storage-pluginEPSS 0.3%CVE-2026-54917HIGHSeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket accessEPSS 0.3%CVE-2026-42737HIGHWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2026-32030HIGHOpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path TraversalEPSS 0.3%CVE-2026-1186HIGHPath Traversal in EAP LegislatorEPSS 0.3%CVE-2025-68279HIGHWeblate has an arbitrary file read via symbolic linksEPSS 0.3%