VYPR

CWE-23

Relative Path Traversal

Abstraction: Base · Status: Draft

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-139 · CAPEC-76

CVEs mapped to this weakness (193)

page 5 of 10
  • CVE-2026-47287 · Medium · Jun 9, 2026
    risk 0.42 · cvss 6.5 · epss 0.01

    Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.

  • CVE-2025-48977 · Medium · May 28, 2026
    risk 0.42 · cvss 6.5 · epss 0.01

    Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0. Users are recommended to…

  • CVE-2026-8073 · High · May 19, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation and missing capability check in the 'downloadZIP' function in all versions up to, and including, 6.0.6. This…

  • CVE-2026-20081 · Medium · Apr 15, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities…

  • CVE-2026-20078 · Medium · Apr 15, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities…

  • CVE-2026-27489 · High · Apr 1, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, a path traversal vulnerability via symlink allows to read arbitrary files outside model or user-provided directory. This issue has been patched in version…

  • CVE-2026-31831 · High · Mar 30, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem.…

  • CVE-2025-70952 · High · Mar 25, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    pf4j before 20c2f80 has a path traversal vulnerability in the extract() function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation.

  • CVE-2025-10249 · Medium · Oct 9, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with…

  • CVE-2025-60020 · Medium · Sep 24, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving via a crafted path in packet data.

  • CVE-2021-4459 · Medium · Aug 27, 2025
    risk 0.42 · cvss 6.5 · epss 0.01

    An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.

  • CVE-2024-12645 · Medium · Dec 16, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could…

  • CVE-2026-8134 · High · May 21, 2026
    risk 0.40 · cvss 7.2 · epss 0.01

    Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include…

  • CVE-2026-33733 · High · Apr 22, 2026
    risk 0.40 · cvss 7.2 · epss 0.00

    EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controlled `name` and `scope` values and pass them into template path construction without normalization or traversal…

  • CVE-2026-43616 · High · May 4, 2026
    risk 0.39 · cvss 7.1 · epss 0.00

    Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization…

  • CVE-2026-48681 · Medium · Jun 4, 2026
    risk 0.38 · cvss 5.9 · epss 0.01

    OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.

  • CVE-2025-59336 · Medium · Sep 16, 2025
    risk 0.38 · cvss (not given) · epss 0.00

    Luanox is a module host for Lua packages. Prior to 0.1.1, a file traversal vulnerability can cause potential denial of service by overwriting Phoenix runtime files. Package names like ../../package are not properly filtered and pass the validity check of the rockspec…

  • CVE-2025-49466 · Medium · Jun 5, 2025
    risk 0.38 · cvss 5.8 · epss 0.01

    aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part,

  • CVE-2025-24819 · Medium · Apr 7, 2026
    risk 0.37 · cvss 5.7 · epss 0.00

    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.

  • CVE-2026-41612 · Medium · May 12, 2026
    risk 0.36 · cvss 5.5 · epss 0.01

    Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.