CVE-2026-31379

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06...

CVE-2026-31176

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunuser parameter to /cgi-bin/cstecgi.cgi...

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

CVE-2026-39276

The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or...

CVE-2026-39871

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data...

CVE-2026-0205

A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...

CVE-2026-8274

A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function dodirectory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been...

skillctl: Path traversal and symlink-follow in skillctl allow arbitrary file disclosure and deletion

Impact skillctl 0.1.0 and 0.1.1 contained four path-safety vulnerabilities that, in combination, allowed an attacker to: 1. Exfiltrate arbitrary files on the operator's machine by publishing a malicious skills library containing a symlink inside a skill folder e.g. niania →...

GHSA-WX3M-WHQV-XV47 skillctl: Path traversal and symlink-follow in skillctl allow arbitrary file disclosure and deletion

Impact skillctl 0.1.0 and 0.1.1 contained four path-safety vulnerabilities that, in combination, allowed an attacker to: 1. Exfiltrate arbitrary files on the operator's machine by publishing a malicious skills library containing a symlink inside a skill folder e.g. niania →...

CVE-2026-8412

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan...

CVE-2026-8116

A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument manifest.name causes path traversal. The attack may be initiated remotely. The exploit has been mad...

CVE-2026-8413

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/page/bulk/design. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonata...

CVE-2026-8271

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgispeed/cgidhcpdlease/cgiddns/cgisetip/cgiupnpdel/cgidhcpd/cgiupnpadd/cgiupnpedit of the file /cgi-bin/networkmgr.cgi. The manipulation leads to os command injection. The attack is possible to be carri...

CVE-2026-8765

A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component File Diff API Endpoint. Performing a manipulation of the argument File results in path traversal. It...

CVE-2025-36515

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...

CVE-2025-15470

The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akdrequiredplugincallback function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2025-68649

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer...

CVE-2025-41268

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to delete arbitrary files on the Host machines...

CVE-2025-41273

Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to bypass authentication of the Console web application and...

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...