ROS-20260319-73-0009

A vulnerability in the outfile plugin of the Fluent Bit logging tool is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to write an arbitrary file outside the target directory...

OpenClaw 后置链接漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path restriction bypass vulnerability that can be exploited by an attacker to write a file to an arbitrary location...

ROS-20260310-73-0042

Vulnerability in python-setuptools related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

ROS-20260310-73-0041

Vulnerability in python-jaraco-context related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

Advisory ROSA-SA-2026-3186

Software: vim 8.0.1763 OS: ROSA Virtualization 3.0 unaffected versions = vim-8.0.1763-21.0.1.1.rv30 affected versions vim-8.0.1763-21.0.0.1.rv30 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of t...

Advisory ROSA-SA-2026-3166

Software: vim 8.0.1763 OS: ROSA Virtualization 3.1 unaffected versions = vim-8.0.1763-21.0.1.rv31 affected versions vim-8.0.1763-21.0.1.1.rv31 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...

CVE-2026-24053 Cluade Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

GHSA-Q728-GF8J-W49R Claude Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the user to use ZSH and the ability to add untrusted content into a...

ROS-20260129-73-0017

Vulnerability in rust related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

ROS-20260129-73-0056

Vulnerability in mariadb10.6 related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

ROS-20260129-73-0055

Vulnerability in mariadb related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

ROS-20260129-73-0057

Vulnerability in mariadb11.4 related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

PT-2026-21013

Уязвимость прикладного программного интерфейса системы для агрегации и хранения логов Loki связана с неверным ограничением имени пути к каталогу. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации с помощью...

INNORIX WP 安全漏洞

INNORIX WP is a high-capacity file transfer software from the Korean company INNORIX. A security vulnerability exists in INNORIX WP that stems from improper path restriction and lack of authorization, which could lead to path traversal...

WordPress plugin Filr 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-40549

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

CVE-2025-40549

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

EUVD-2025-197928

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...