PT-2026-21558

Name of the Vulnerable Software and Affected Versions Traccar versions up to and including 6.11.1 Description The Traccar GPS tracking system is affected by an issue where authenticated users with device creation or editing privileges can manipulate the uniqueId parameter to specify an absolute...

CVE-2026-26337

Hyland Alfresco Transformation Service is affected by CVE-2026-26337. The flaw enables unauthenticated attackers to perform absolute path traversal, resulting in arbitrary file reads and server-side request forgery (SSRF). Reported CVSS-3.1 base score 8.2 (HIGH) with NETWORK attack vector and no ...

Hyland Alfresco Transformation Service 安全漏洞

The Hyland Alfresco Transformation Service is a document conversion service component provided by the American company Hyland. The Hyland Alfresco Transformation Service has a security vulnerability, which stems from absolute path traversal. This vulnerability could allow unauthenticated attacker...

PT-2026-20876

Name of the Vulnerable Software and Affected Versions Hyland Alfresco Transformation Service affected versions not specified Description The Hyland Alfresco Transformation Service is susceptible to exploitation allowing unauthenticated attackers to perform arbitrary file read and server-side...

VulnCheck KEV: CVE-2015-5471

Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter...

📄 JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal

The JUNG Smart Panel 5.1 KNX controller suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal Vendor: ALBREC...

GHSA-M733-5W8F-5GGW pnpm has symlink traversal in file:/git dependencies

Summary When pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd, /.ssh/idrsa causes pnpm to copy that file's contents...

CVE-2026-1330

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1330

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1330 HAMASTAR Technology｜MeetingHub - Arbitrary File Read

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1330 HAMASTAR Technology｜MeetingHub - Arbitrary File Read

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1018

Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing Unauthenticated remote attacker to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1020

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory...

CVE-2026-1020

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory...

CVE-2026-1018

Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing Unauthenticated remote attacker to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1018

Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing Unauthenticated remote attacker to exploit Absolute Path Traversal to download arbitrary system files...

CVE-2026-1020

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory...

CVE-2026-1020

The CVE-2026-1020 entry concerns the Police Statistics Database System by Gotac, which has an Absolute Path Traversal vulnerability. The vulnerability allows unauthenticated remote attackers to enumerate the system file directory. Connected sources corroborate this description across multiple fee...

CVE-2026-1020 Gotac｜Police Statistics Database System - Absolute Path Traversal

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory...

CVE-2026-1020 Gotac｜Police Statistics Database System - Absolute Path Traversal

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory...