Falhas do tipo CWE-22
4.854 resultadosCVE-2026-25499HIGHterraform-provider-proxmox has insecure sudo recommendation in the documentationEPSS 0.4%CVE-2026-33645HIGHFireshare has Path Traversal Arbitrary File Write in `/api/uploadChunked`EPSS 0.4%CVE-2026-28676HIGHOpenSift: Insufficient path containment checks in storage helpers could allow path traversal-style file operationsEPSS 0.4%CVE-2024-51453MEDIUMIBM Sterling Secure Proxy directory traversalEPSS 0.4%CVE-2024-11481HIGHA vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traverEPSS 0.4%CVE-2024-32729HIGHWordPress ChatBot Conversational Forms plugin <= 1.1.8 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-42496CRITICALArchive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directoryEPSS 0.4%CVE-2026-55677HIGHEcho: Encoded slash (%2F) bypasses route-level protection and exposes static filesEPSS 0.4%CVE-2026-7400MEDIUMgeekgod382 filesystem-mcp-server read_file_tool/write_file_tool server.py is_path_allowed path traversalEPSS 0.4%CVE-2026-4044MEDIUMprojectsend Delete import-orphans.php realpath path traversalEPSS 0.4%CVE-2026-7205MEDIUMduartium papers-mcp-server main.py search_papers path traversalEPSS 0.4%CVE-2026-7386MEDIUMfatbobman mail-mcp-bridge mail_mcp_server.py path traversalEPSS 0.4%CVE-2025-6589LOWWith MultiBlocks enabled and a user who is suppressed via a MultiBlock, a user without 'hideuser' can see the hidden username in the BlockListEPSS 0.4%CVE-2025-47415MEDIUMRECWAVE Filepath TraversalEPSS 0.4%CVE-2026-0846HIGHArbitrary File Read via Absolute Path Input in nltk.util.filestring()EPSS 0.4%CVE-2026-33077HIGHRoxy-WI has an arbitrary file read vulnerabilityEPSS 0.4%CVE-2024-30417HIGHPath traversal vulnerability in the Bluetooth-based sharing module.
Impact: Successful exploitation of this vulnerability may affect serviceEPSS 0.4%CVE-2025-6989HIGHKallyas <= 4.21.0 - Authenticated (Contributor+) Arbitrary Folder DeletionEPSS 0.4%CVE-2025-22167HIGHThis High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 ofEPSS 0.4%CVE-2026-7234MEDIUMBrowserOperator browser-operator-core server.js startsWith path traversalEPSS 0.4%