Lucene search

256 matches found

CNNVD
added 2026/03/10 12:00 a.m., 6 views

liquidjs path traversal vulnerability

LiquidJS is a simple, expressive, secure, and compatible JavaScript template engine developed by Jun Yang. Versions of LiquidJS prior to 10.25.0 had a path traversal vulnerability. This vulnerability stems from the layout, render, and include tags allowing access to arbitrary files via absolute...

CVSS 8.7, AI score 5.9, EPSS 0.00557
Exploits: 1, References: 4
CVE
added 2026/03/09 7:19 p.m., 22 views

CVE-2026-0846

The CVE concerns nltk 3.9.2, specifically the filestring() function in nltk.util, which opens user-supplied file paths without proper sanitization. This allows arbitrary file read by passing absolute or traversal paths, enabling access to sensitive system files. Exploitation can occur locally or ...

CVSS 8.6, AI score 7.3, EPSS 0.00428
Exploits: 1, References: 6, Affected Software: 1
Vulnrichment
added 2026/03/09 7:19 p.m., 1 view

CVE-2026-0846 Arbitrary File Read via Absolute Path Input in nltk.util.filestring()

A vulnerability in the filestring function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by...

CVSS 8.6, AI score 5.9, EPSS 0.00428
Exploits: 1, References: 1
Github Security Blog
added 2026/03/03 10:11 p.m., 10 views

OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths

A workspace-only file-system guard mismatch allowed @-prefixed absolute paths to bypass boundary validation in some tool path checks. Impact: when tools.fs.workspaceOnly=true, certain @-prefixed absolute paths (for example @/etc/passwd) could be validated before canonicalization while runtime path...

CVSS 7.5, AI score 6, EPSS 0.00335
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2026/03/03 10:11 p.m., 5 views

GHSA-27CR-4P5M-74RJ OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths

A workspace-only file-system guard mismatch allowed @-prefixed absolute paths to bypass boundary validation in some tool path checks. Impact: when tools.fs.workspaceOnly=true, certain @-prefixed absolute paths (for example @/etc/passwd) could be validated before canonicalization while runtime path...

CVSS 7.5, AI score 6, EPSS 0.00335
Exploits: 0, References: 5
Snyk
added 2026/03/03 6:11 p.m., 4 views

Directory Traversal

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Directory Traversal via improper validation of media local paths in the sandbox. An attacker can access and exfiltrate files outside the intended sandbox boundary by supplying absolute...

CVSS 8.6, AI score 6.2, EPSS 0.00344
Exploits: 0, References: 2
OSV
added 2026/03/03 6:11 p.m., 5 views

GHSA-33HM-CQ8R-WC49 Temporary path handling could write outside OpenClaw temp boundary

Summary: Sandbox media local-path validation accepted absolute paths under the host tmp directory, even when those paths were outside the active sandbox root. Affected Packages / Versions: Package: openclaw (npm); Latest published version verified during triage: 2026.2.23; Affected versions: = 2026.2.24. Detail...

CVSS 6.5, AI score 6, EPSS 0.00344
Exploits: 0, References: 7
Positive Technologies
added 2026/03/03 12:00 a.m., 17 views

PT-2026-26414

A workspace-only file-system guard mismatch allowed @-prefixed absolute paths to bypass boundary validation in some tool path checks. Impact: when tools.fs.workspaceOnly=true, certain @-prefixed absolute paths (for example @/etc/passwd) could be validated before canonicalization while runtime path...

CVSS 6, AI score 5.9, EPSS 0.00335
Exploits: 0, References: 7
Positive Technologies
added 2026/03/02 12:00 a.m., 7 views

PT-2026-26016

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.24. Description: OpenClaw versions before 2026.2.24 contain a local media root bypass in the sendAttachment and setGroupIcon message actions when sandboxRoot is not configured. This allows attackers to read...

CVSS 8.7, AI score 5.9, EPSS 0.00372
Exploits: 0, References: 11
OSV
added 2026/02/23 8:57 p.m., 4 views

CVE-2026-23521 Traccar vulnerable to Path Traversal and External Control of File Name or Path

Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...

CVSS 6.5, AI score 5.5, EPSS 0.0032
Exploits: 1, References: 3
CNNVD
added 2026/02/20 12:00 a.m., 8 views

OpenClaw path traversal vulnerability

OpenClaw is an open-source intelligent AI assistant from openclaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read arbitrary files from a gateway host by supplying an absolute path or path traversal sequence to the upload operation of a browser...

CVSS 7.1, AI score 6.1, EPSS 0.00408
Exploits: 0, References: 3
Veracode
added 2026/02/19 8:55 a.m., 6 views

Arbitrary File Write

Langflow is vulnerable to arbitrary file write. The vulnerability is due to lack of path validation and directory restrictions in the fspath parameter, which allows an attacker to specify arbitrary absolute paths and overwrite files on the server...

CVSS 7.1, AI score 6, EPSS 0.03631
Exploits: 1, References: 4, Affected Software: 1
CNNVD
added 2026/02/19 12:00 a.m., 10 views

Notepad++ code issue vulnerability

Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Versions of Notepad++ prior to 8.9.2 had a code vulnerability; this vulnerability stemmed from the use of an absolute executable path when launching the Windows Explorer, which could lead to arbitrary code executi...

CVSS 7.3, AI score 7.7, EPSS 0.00248
Exploits: 1, References: 4
Positive Technologies
added 2026/02/04 12:00 a.m., 4 views

PT-2026-6473

Summary: The isValidMedia function in src/media/parse.ts allows arbitrary file paths, including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/file, exfiltrating sensitive data to the user/channel. Detai...

CVSS 6.5, AI score 5.7, EPSS 0.00745
Exploits: 1, References: 4
RedhatCVE
added 2026/01/27 4:59 a.m., 4 views

CVE-2026-23888

A flaw was found in pnpm, a package manager. A path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. This can occur through malicious ZIP entries containing directory traversal sequences ../ or absolute paths, or ...

CVSS 6.5, AI score 6.4, EPSS 0.00396
Exploits: 1, References: 6
NVD
added 2026/01/26 10:15 p.m., 9 views

CVE-2026-24056

pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...

CVSS 6.7, EPSS 0.00469
Exploits: 1, References: 3
Github Security Blog
added 2026/01/26 9:02 p.m., 7 views

pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)

Summary: A path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) malicious ZIP entries containing ../ or absolute paths that escape the extraction root via AdmZip's...

CVSS 6.5, AI score 5.9, EPSS 0.00396
Exploits: 1, References: 5, Affected Software: 1
Snyk
added 2026/01/18 11:47 p.m., 5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the extractPackageTarball function. An attacker can write arbitrary files to the filesystem by supplying a malicious tar file containing absolute paths. Note: This vulnerability results from an incomplete fix of...

CVSS 9.8, AI score 6.5, EPSS 0.00499
Exploits: 2, References: 2
Positive Technologies
added 2026/01/18 12:00 a.m., 15 views

PT-2026-3403

Name of the Vulnerable Software and Affected Versions: esm.sh versions prior to 0.0.0-20260116051925-c62ab83c589e. Description: esm.sh is a content delivery network for web development. Versions prior to pseudoversion 0.0.0-20260116051925-c62ab83c589e contain a path traversal issue. The issue stems...

CVSS 9.9, AI score 5.3, EPSS 0.27661
Exploits: 45, References: 118
Github Security Blog
added 2026/01/16 9:16 p.m., 25 views

node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization

Summary: The node-tar library = 7.5.2 fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default, secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and...

CVSS 8.2, AI score 7.6, EPSS 0.00334
Exploits: 2, References: 4, Affected Software: 1