Total: 245 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-24819 | | | 2026-04-08 | N/A | 5.7 MEDIUM | Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of an input parameter on the file system in the Software Manager application. |
| CVE-2026-4415 | 1 Gigabyte | 1 Control Center | 2026-04-08 | N/A | 8.1 HIGH | Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation. |
| CVE-2025-2007 | | | 2026-04-08 | N/A | 8.1 HIGH | The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteImage() function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Please note this vulnerability was reintroduced in 7.20, and subsequently patched again in 7.20.1. |
| CVE-2023-6825 | 1 Mndpsingh287 | 1 File Manager | 2026-04-08 | N/A | 9.9 CRITICAL | The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including, version 7.2.1 (free version) and 8.3.4 (Pro version) via the target parameter in the mk_file_folder_manager_action_callback_shortcode function. This makes it possible for attackers to read the contents of arbitrary files on the server, which can contain sensitive information, and to upload files into directories other than the intended directory for file uploads. The free version requires Administrator access for this vulnerability to be exploitable. The Pro version allows a file manager to be embedded via a shortcode and also allows admins to grant file handling privileges to other user levels, which could lead to this vulnerability being exploited by lower-level users. |
| CVE-2026-33494 | 1 Ory | 1 Oathkeeper | 2026-04-07 | N/A | 10.0 CRITICAL | ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to an authorization bypass via HTTP path traversal. An attacker can craft a URL containing path traversal sequences (e.g. `/public/../admin/secrets`) that resolves to a protected path after normalization, but is matched against a permissive rule because the raw, un-normalized path is used during rule evaluation. Version 26.2.0 contains a patch. |
| CVE-2026-27489 | 1 Linuxfoundation | 1 Onnx | 2026-04-07 | N/A | 7.5 HIGH | Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, a path traversal vulnerability via symlink allows reading arbitrary files outside the model or user-provided directory. This issue has been patched in version 1.21.0. |
| CVE-2026-21620 | | | 2026-04-06 | N/A | N/A | Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftp_file.erl, src/tftp_file.erl. This issue affects otp: from 17.0, from 07b8f441ca711f9812fad9e9115bab3c3aa92f79; otp: from 5.10 before 7.0; otp: from 1.0. |
| CVE-2026-31831 | 1 Tautulli | 1 Tautulli | 2026-04-02 | N/A | 7.5 HIGH | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has been patched in version 2.17.0. |
| CVE-2025-47445 | 1 Themewinter | 1 Eventin | 2026-04-01 | N/A | 9.8 CRITICAL | Relative Path Traversal vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal. This issue affects Eventin: from n/a through <= 4.0.26. |
| CVE-2025-32137 | | | 2026-04-01 | N/A | N/A | Relative Path Traversal vulnerability in Cristián Lávaque s2Member s2member allows Path Traversal. This issue affects s2Member: from n/a through <= 250419. |
| CVE-2025-25130 | | | 2026-04-01 | N/A | N/A | Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status delete-comments-by-status allows Path Traversal. This issue affects Delete Comments By Status: from n/a through <= 2.1.1. |
| CVE-2024-50453 | 1 Webangon | 1 The Pack Elementor Addons | 2026-04-01 | N/A | 8.8 HIGH | Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion. This issue affects The Pack Elementor addons: from n/a through <= 2.0.9. |
| CVE-2024-49253 | | | 2026-04-01 | N/A | N/A | Relative Path Traversal vulnerability in JamesPark.ninja Analyse Uploads analyse-uploads allows Relative Path Traversal. This issue affects Analyse Uploads: from n/a through <= 0.5. |
| CVE-2024-47637 | 1 Litespeedtech | 1 Litespeed Cache | 2026-04-01 | N/A | 8.8 HIGH | Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal. This issue affects LiteSpeed Cache: from n/a through <= 6.4.1. |
| CVE-2026-32725 | | | 2026-04-01 | N/A | 8.3 HIGH | SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass when processing path-based scopes in tokens. The library normalizes the scope path from the token before authorization and collapses ".." path components instead of rejecting them. As a result, an attacker can use parent-directory traversal in the scope claim to broaden the effective authorization beyond the intended directory. This issue has been patched in version 1.4.1. |
| CVE-2026-33206 | 1 Calibre-ebook | 1 Calibre | 2026-03-30 | N/A | 6.3 MEDIUM | calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre's handling of images in Markdown and other similar text-based files, allowing an attacker to include arbitrary files from the file system into the converted book. Additionally, missing authentication and server-side request forgery in the background-image endpoint in the ebook reader web view allow the files to be exfiltrated without additional interaction. Version 9.6.0 contains a fix. |
| CVE-2026-27625 | 1 Stirling | 1 Stirling Pdf | 2026-03-24 | N/A | 8.1 HIGH | Stirling-PDF is a locally hosted web application that performs various operations on PDF files. In versions prior to 2.5.2, the /api/v1/convert/markdown/pdf endpoint extracts user-supplied ZIP entries without path checks. Any authenticated user can write files outside the intended temporary working directory, leading to arbitrary file write with the privileges of the Stirling-PDF process user (stirlingpdfuser). This can overwrite writable files and compromise data integrity, with further impact depending on writable paths. The issue was fixed in version 2.5.2. |
| CVE-2026-29098 | 1 Suitecrm | 1 Suitecrm | 2026-03-24 | N/A | 4.9 MEDIUM | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the `action_exportCustom` function in `modules/ModuleBuilder/controller.php` fails to properly neutralize path traversal sequences in the `$modules` and `$name` parameters. Both parameters later reach the `exportCustom` function in `modules/ModuleBuilder/MB/MBPackage.php`, where they are both used in constructing paths for file reading and writing. As such, it is possible for a user with access to the ModuleBuilder module, generally an administrator, to craft a request that can copy the content of any readable directory on the underlying host into the web root, making them readable. As the `ModuleBuilder` module is part of both major versions 7 and 8, both current major versions are affected. This vulnerability allows an attacker to copy any readable directory into the web root. This includes system files like the content of `/etc`, or the root directory of the web server, potentially exposing secrets and environment variables. Versions 7.15.1 and 8.9.3 patch the issue. |
| CVE-2026-29101 | 1 Suitecrm | 1 Suitecrm | 2026-03-24 | N/A | 4.9 MEDIUM | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, a Denial-of-Service (DoS) vulnerability exists in SuiteCRM modules. Versions 7.15.1 and 8.9.3 patch the issue. |
| CVE-2026-30345 | | | 2026-03-19 | N/A | 7.5 HIGH | A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import. |
