Falhas do tipo CWE-22
4.854 resultadosCVE-2026-7588MEDIUMggerve coding-standards-mcp server.py get_best_practices path traversalEPSS 0.4%CVE-2025-49138MEDIUMHAX CMS vulnerable to Local File Inclusion via saveOutline API Location ParameterEPSS 0.4%CVE-2026-7589MEDIUMghantakiran splunk-mcp-integration CSV Export csv_export.py create_csv_export path traversalEPSS 0.4%CVE-2026-5014MEDIUMelecV2 elecV2P Wildcard log path.join path traversalEPSS 0.4%CVE-2026-34523MEDIUMSillyTavern: Path traversal allows file existence oracleEPSS 0.4%CVE-2026-52726HIGHDulwich's submodule path traversal in porcelain.submodule_update / porcelain.clone(recurse_submodules=True) yields RCE via attacker-dropped .git/hooks payloadEPSS 0.4%CVE-2026-7237MEDIUMAgiFlow scaffold-mcp write-to-file Tool index.ts path traversalEPSS 0.4%CVE-2025-31554MEDIUMWordPress Docxpresso plugin <= 2.6 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-47513MEDIUMWordPress Infocob CRM Forms plugin <= 2.4.0 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-59384HIGHQfilingEPSS 0.4%CVE-2025-10283CRITICALImproper .git Sanitization in gitdumper Enables RCEEPSS 0.4%CVE-2026-33945CRITICALAbitrary file write through systemd-creds optionEPSS 0.4%CVE-2025-13972MEDIUMWatchTowerHQ <= 3.16.0 - Authenticated (Administrator+) Arbitrary File Read via 'wht_download_big_object_origin' ParameterEPSS 0.4%CVE-2024-38717HIGHWordPress Booking Ultra Pro Appointments Booking Calendar plugin <= 1.1.13 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2024-43373HIGHwebcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious BundleEPSS 0.4%CVE-2026-40547MEDIUMPath Traversal in SOPlanningEPSS 0.4%CVE-2026-13528MEDIUMYunaiV/zhijiantianya ruoyi-vue-pro AppFileController File Upload Endpoint FileServiceImpl.java generateUploadPath path traversalEPSS 0.4%CVE-2025-68902HIGHWordPress Anona theme <= 8.0 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-39859MEDIUMLiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file readEPSS 0.4%CVE-2024-33869MEDIUMAn issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript docuEPSS 0.4%