Total: 8196 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28486 | 1 Openclaw | 1 Openclaw | 2026-03-11 | N/A | 6.1 MEDIUM |
| OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks install, plugins install, or signal install commands, write files to arbitrary locations enabling persistence or code execution. | |||||
| CVE-2026-29064 | 1 Lfprojects | 1 Zarf | 2026-03-11 | N/A | 8.2 HIGH |
| Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. This issue has been patched in version 0.73.1. | |||||
| CVE-2026-29065 | 1 Webtechnologies | 1 Changedetection | 2026-03-10 | N/A | 9.1 CRITICAL |
| changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4. | |||||
| CVE-2026-28679 | 1 Home-gallery | 1 Homegallery | 2026-03-10 | N/A | 8.6 HIGH |
| Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Prior to version 1.21.0, when a user requests a download, the application does not verify whether the requested file is located within the media source directory, which can result in sensitive system files being downloadable as well. This issue has been patched in version 1.21.0. | |||||
| CVE-2026-24457 | 1 Eclipse | 1 Open Message Queue | 2026-03-10 | N/A | 9.1 CRITICAL |
| Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. Full exploitation could read unauthorized files on the OpenMQ host OS. In some scenarios RCE could be achieved. | |||||
| CVE-2026-28795 | 1 Zhongyu09 | 1 Openchatbi | 2026-03-10 | N/A | 9.8 CRITICAL |
| OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2.2, the save_report tool in openchatbi/tool/save_report.py suffers from a critical path traversal vulnerability due to insufficient input sanitization of the file_format parameter. This issue has been patched in version 0.2.2. | |||||
| CVE-2026-28447 | 1 Openclaw | 1 Openclaw | 2026-03-10 | N/A | 8.1 HIGH |
| OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing path traversal sequences like .. to write files outside the intended installation directory when victims run the plugins install command. | |||||
| CVE-2026-28800 | 1 Natroteam | 1 Natro Macro | 2026-03-10 | N/A | 6.4 MEDIUM |
| Natro Macro is an open-source Bee Swarm Simulator macro written in AutoHotkey. Prior to version 1.1.0, anyone with Discord Remote Control set up in a non-private channel gives any user with permission to send messages in that channel the ability to do anything on their computer. This includes keyboard and mouse inputs and full file access. This issue has been patched in version 1.1.0. | |||||
| CVE-2025-45691 | 1 Vibrantlabsai | 1 Ragas | 2026-03-10 | N/A | 7.5 HIGH |
| An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs. | |||||
| CVE-2026-3795 | 1 Html-js | 1 Doracms | 2026-03-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security flaw has been discovered in doramart DoraCMS 3.0.x. Impacted is the function createFileBypath of the file /DoraCMS/server/app/router/api/v1.js. Performing a manipulation results in path traversal. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-47563 | 1 Siemens | 1 Sinec Security Monitor | 2026-03-10 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable directories outside the intended location and thus compromise the integrity of files in those writable directories. | |||||
| CVE-2026-1616 | 1 Redhat | 1 Open Security Issue Management | 2026-03-10 | N/A | 7.5 HIGH |
| The $uri$args concatenation in the nginx configuration file present in Open Security Issue Management (OSIM) prior to v2025.9.0 allows path traversal attacks via query parameters. | |||||
| CVE-2026-30848 | 1 Parseplatform | 1 Parse-server | 2026-03-10 | N/A | 3.7 LOW |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the PagesRouter static file serving route is vulnerable to a path traversal attack that allows unauthenticated reading of files outside the configured pagesPath directory. The boundary check uses a string prefix comparison without enforcing a directory separator boundary. An attacker can use path traversal sequences to access files in sibling directories whose names share the same prefix as the pages directory (e.g. pages-secret starts with pages). This issue has been patched in versions 8.6.8 and 9.5.0-alpha.8. | |||||
| CVE-2026-2743 | 1 Seppmail | 1 Seppmail | 2026-03-09 | N/A | 9.8 CRITICAL |
| Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before. | |||||
| CVE-2026-28769 | 1 Datacast | 2 Sfx2100, Sfx2100 Firmware | 2026-03-09 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the `file` parameter to traverse directories and enumerate arbitrary files on the underlying filesystem. Due to the insecure Perl file path handling function in use, an authenticated actor is able to perform directory traversal, with the backup endpoint confirming that a file exists by indicating that a backup operation was successful; when the path of a non-existent file is used, the returned status is failed. | |||||
| CVE-2026-28453 | 1 Openclaw | 1 Openclaw | 2026-03-09 | N/A | 7.5 HIGH |
| OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft malicious archives with traversal sequences like ../../ to write files outside extraction boundaries, potentially enabling configuration tampering and code execution. | |||||
| CVE-2026-28457 | 1 Openclaw | 1 Openclaw | 2026-03-09 | N/A | 6.1 MEDIUM |
| OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring (must be enabled) that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences like ../ or absolute paths in the name field can write files outside the sandbox workspace root directory. | |||||
| CVE-2026-28462 | 1 Openclaw | 1 Openclaw | 2026-03-09 | N/A | 7.5 HIGH |
| OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with API access can exploit path traversal in POST /trace/stop, POST /wait/download, and POST /download endpoints to write files outside intended temp roots. | |||||
| CVE-2026-3695 | 1 Remyandrade | 1 Modern Image Gallery App | 2026-03-09 | 6.4 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-22460 | | | 2026-03-09 | N/A | 8.6 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpWax FormGent formgent allows Path Traversal. This issue affects FormGent: from n/a through <= 1.4.2. | |||||
