Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

67 matches found

CVE
CVEadded 2026/01/02 7:2 p.m.20 views

CVE-2026-21440

CVE-2026-21440 is a path traversal vulnerability in AdonisJS bodyparser (MultipartFile.move) that allows writing files outside the intended directory when the client-supplied filename is not sanitized. Root cause: move(location, options?) defaults to using clientName and path.join(location, fileN...

9.2CVSS6.7AI score0.00097EPSS
Exploits3References5
Cvelist
Cvelistadded 2026/01/02 7:2 p.m.27 views

CVE-2026-21440 AdonisJS Path Traversal in Multipart File Handling

AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease...

9.2CVSS0.00097EPSS
Exploits3References5
OSV
OSVadded 2026/01/02 6:58 p.m.4 views

GHSA-GVQ6-HVVP-H34H AdonisJS Path Traversal in Multipart File Handling

Summary Description A Path Traversal CWE-22 vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to...

9.2CVSS7.4AI score0.00097EPSS
Exploits3References7
Snyk
Snykadded 2026/01/02 6:58 p.m.3 views

Directory Traversal

Overview @adonisjs/bodyparser is a BodyParser middleware for AdonisJS http server to read and parse request body Affected versions of this package are vulnerable to Directory Traversal via the MultipartFile.move function's default options. An attacker can write arbitrary files to unintended...

9.2CVSS7.8AI score0.00097EPSS
Exploits3References2
Github Security Blog
Github Security Blogadded 2026/01/02 6:58 p.m.5 views

AdonisJS Path Traversal in Multipart File Handling

Summary Description A Path Traversal CWE-22 vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to...

9.2CVSS7.5AI score0.00097EPSS
Exploits3References7Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/02 12:0 a.m.3 views

PT-2026-1121

Name of the Vulnerable Software and Affected Versions AdonisJS versions through 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6 Description A Path Traversal vulnerability exists in the AdonisJS multipart file handling process. This flaw allows a remote attacker to write arbitrary files...

9.4CVSS8.3AI score0.00097EPSS
Exploits3References43
CNNVD
CNNVDadded 2026/01/02 12:0 a.m.6 views

bodyparser 路径遍历漏洞

bodyparser is an open source BodyParser middleware on AdonisJS from AdonisJS Framework. A path traversal vulnerability exists in bodyparser versions 10.1.1 and earlier and 11.0.0-next.6 and earlier, which stems from the existence of a path traversal in multipart file handling that could result in...

9.2CVSS6.8AI score0.00097EPSS
Exploits3References6
Rows per page
Query Builder