CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Base · Stable · Likelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

  • CVE-2026-12198 · High · Jun 15, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of the argument cache_path_relative can lead to path traversal. It is possible to…

  • CVE-2026-39276 · High · May 29, 2026
    risk 0.47 · cvss 7.2 · epss 0.01

    The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default…

  • CVE-2026-9550 · High · May 26, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead…

  • CVE-2025-70950 · High · May 19, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request.

  • CVE-2026-8757 · High · May 17, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A vulnerability was found in adenhq hive up to 0.11.0. This affects the function _read_events_tail of the file core/framework/server/routes_sessions.py of the component Delete Request Handler. Performing a manipulation results in path traversal. The attack may be initiated…

  • CVE-2026-8756 · High · May 17, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webui_preprocess.py of the component Gradio Interface. Such manipulation of the argument data_dir leads to path…

  • CVE-2026-8755 · High · May 17, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py of the component Model Handler. This manipulation causes path traversal. The attack can be initiated…

  • CVE-2026-7810 · High · May 5, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edit_cell/add_cell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack…

  • CVE-2026-7788 · High · May 5, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of…

  • CVE-2026-7784 · High · May 5, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the…

  • CVE-2026-7594 · High · May 1, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The…

  • CVE-2026-7519 · High · May 1, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has…

  • CVE-2026-7404 · High · Apr 29, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. This manipulation of the argument detail causes relative path traversal. It…

  • CVE-2026-7398 · High · Apr 29, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54. This vulnerability affects the function Upload of the file bioinfo_mcp_platform/app.py of the component Upload Endpoint. This manipulation of the argument Name causes…

  • CVE-2026-7319 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.01

    A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack…

  • CVE-2026-7315 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be…

  • CVE-2026-7314 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. The attack can be initiated remotely. The…

  • CVE-2026-7272 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Executing a manipulation of the…

  • CVE-2026-7234 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/component_server/server.js. Executing a manipulation of the argument request.url can lead to path traversal. The attack can be launched…

  • CVE-2026-7216 · High · Apr 28, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the component create_sketch Tool. This manipulation of the argument sketch_name causes path…