Fallos del tipo CWE-22
4872 resultadosCVE-2026-9153MEDIUMArbitrary File Read in Rapid7 InsightConnect Sed PluginEPSS 0.3%CVE-2026-11426MEDIUMUnderConstructionPage PRO <= 5.76 - Authenticated (Subscriber+) Arbitrary File Read via template_thumbnail ParameterEPSS 0.3%CVE-2026-41180HIGHPsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restartEPSS 0.3%CVE-2026-47179HIGHArcane: Authenticated Arbitrary Host File Read via Docker Compose Include Directives in ArcaneEPSS 0.3%CVE-2026-58173MEDIUMVibe-Trading < 0.1.10 - Path Traversal via Persistent Memory TypeEPSS 0.3%CVE-2026-41655MEDIUMAdmidio: Path Traversal in ECard Preview Allows Reading Arbitrary Server Files Including Database CredentialsEPSS 0.3%CVE-2025-15020MEDIUMGotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' ShortcodeEPSS 0.3%CVE-2026-39378MEDIUMnbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image EmbeddingEPSS 0.3%CVE-2026-41419HIGH4ga Boards: Import Path Traversal Leads to Arbitrary File ReadEPSS 0.3%CVE-2022-36035HIGHFlux CLI Workload InjectionEPSS 0.3%CVE-2026-44996MEDIUMOpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio EmbeddingEPSS 0.3%CVE-2024-25859HIGHA path traversal vulnerability in the /path/to/uploads/ directory of Blesta before v5.9.2 allows attackers to takeover user accounts and exeEPSS 0.3%CVE-2026-2864MEDIUMfeng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversalEPSS 0.3%CVE-2023-33544MEDIUMhawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after deEPSS 0.3%CVE-2025-61654NONEUserInfoCard: Do permission checking when getting counts of global and local edits, new articles and thanksEPSS 0.3%CVE-2026-45565HIGHRoxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)EPSS 0.3%CVE-2026-55201HIGHEvil-WinRM - Path Traversal in download_dir() FunctionEPSS 0.3%CVE-2026-6865HIGHImproper Limitation of a Pathname to a Restricted Directory Vulnerability on Multiple ProductsEPSS 0.3%CVE-2026-0651MEDIUMPath Traversal on TP-Link Tapo D235 and C260 via Local httpsEPSS 0.3%CVE-2026-39405CRITICALFrappe has Path Transversal via SCORMEPSS 0.3%