Total
8317 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11001 | 2 7-zip, Microsoft | 2 7-zip, Windows | 2026-02-26 | 7.8 High |
| 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753. | ||||
| CVE-2025-59366 | 1 Asus | 1 Router | 2026-02-26 | N/A |
| An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware section on the ASUS Security Advisory for more information. | ||||
| CVE-2025-14727 | 1 F5 | 1 Nginx Ingress Controller | 2026-02-26 | 8.3 High |
| A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2026-25965 | 1 Imagemagick | 1 Imagemagick | 2026-02-26 | 8.6 High |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypassed by a path traversal. The OS resolves the traversal and opens the sensitive file, but the policy matcher only sees the unnormalized path and therefore allows the read. This enables local file disclosure (LFI) even when policy-secure.xml is applied. Actions to prevent reading from files have been taken in versions .7.1.2-15 and 6.9.13-40 But it make sure writing is also not possible the following should be added to one's policy. This will also be included in ImageMagick's more secure policies by default. | ||||
| CVE-2026-3051 | 2 Datalinkdc, Dinky | 2 Dinky, Dinky | 2026-02-26 | 6.3 Medium |
| A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the component Project Name Handler. Such manipulation of the argument projectName leads to path traversal. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14914 | 1 Ibm | 1 Websphere Application Server | 2026-02-26 | 7.6 High |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution. | ||||
| CVE-2025-65077 | 1 Lexmark | 40 Cslbl, Cslbn, Csngv and 37 more | 2026-02-26 | N/A |
| A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. | ||||
| CVE-2024-28995 | 1 Solarwinds | 1 Serv-u | 2026-02-26 | 8.6 High |
| SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | ||||
| CVE-2026-20614 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges. | ||||
| CVE-2026-20615 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-02-26 | 7.8 High |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges. | ||||
| CVE-2026-2033 | 1 Mlflow | 1 Mlflow | 2026-02-26 | N/A |
| MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26649. | ||||
| CVE-2022-20818 | 1 Cisco | 83 1100-4g Integrated Services Router, 1100-4p Integrated Services Router, 1100-6g Integrated Services Router and 80 more | 2026-02-26 | 7.8 High |
| Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. | ||||
| CVE-2024-5154 | 2 Kubernetes, Redhat | 4 Cri-o, Enterprise Linux, Openshift and 1 more | 2026-02-25 | 8.1 High |
| A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system. | ||||
| CVE-2026-27202 | 1 Getsimple-ce | 1 Getsimple Cms | 2026-02-25 | 7.5 High |
| GetSimple CMS is a content management system. All versions of GetSimple CMS have a flaw in the Uploaded Files feature that allows for arbitrary file reads. This issue has not been fixed at the time of publication. | ||||
| CVE-2025-68002 | 2 100plugins, Wordpress | 2 Open User Map, Wordpress | 2026-02-25 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through <= 1.4.16. | ||||
| CVE-2026-24849 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-02-25 | 10 Critical |
| OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user (regardless of privilege level) can exploit this vulnerability to read sensitive files. Version 7.0.4 patches the issue. | ||||
| CVE-2024-1485 | 2 Devfile, Redhat | 4 Registry-support, Ocp Tools, Openshift and 1 more | 2026-02-25 | 8 High |
| A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed. | ||||
| CVE-2026-27606 | 2 Rollup, Rollupjs | 2 Rollup, Rollup | 2026-02-25 | 9.8 Critical |
| Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue. | ||||
| CVE-2023-7216 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2026-02-25 | 5.3 Medium |
| A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. | ||||
| CVE-2024-1132 | 1 Redhat | 23 Amq Broker, Build Keycloak, Build Of Keycloak and 20 more | 2026-02-25 | 8.1 High |
| A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL. | ||||