3 matches found
CVE-2026-48789
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents directory. The shared...
CVE-2026-43616
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...
PT-2025-37723
Name of the Vulnerable Software and Affected Versions: Digilent WaveForms versions prior to 3.24.4 Description: A relative path traversal vulnerability exists due to improper input validation in Digilent WaveForms, potentially leading to arbitrary code execution. Successful exploitation requires ...