CVE-2026-24488 OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

CVE-2026-24488

OpenEMR

CVE-2026-24488 OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

PT-2026-22349

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

EUVD-2026-8805

The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

PT-2026-22091

Name of the Vulnerable Software and Affected Versions WP Responsive Images plugin for WordPress versions prior to 1.1 Description The WP Responsive Images plugin for WordPress is susceptible to a Path Traversal issue in versions up to and including 1.0. This allows unauthenticated attackers to re...

OpenEMR 路径遍历漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 7.0.4, there was a path traversal...

CVE-2026-26202

Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...

CVE-2026-26202 Penpot has Arbitrary File Read via create-font-variant RPC endpoint

Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...

CVE-2026-23620 GFI MailEssentials AI < 22.4 ListServer.IsDBExist() Absolute Directory Traversal to File Enumeration

GFI MailEssentials AI versions prior to 22.4 contain an arbitrary file existence enumeration vulnerability in the ListServer.IsDBExist web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsDBExist. An authenticated user can supply an unrestricted filesystem path via the JSON...

CVE-2026-2419

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'downloadpath' configuration parameter. This is due to insufficient validation of the download path setting, which allows directory traversal sequences to bypass the...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the upload action in the browser tool when user-supplied file paths are not properly validated. An authenticated attacker can access arbitrary files on the server ...

PT-2026-8022

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traversal vulnerability in the RecipeImport workflow of Tandoor Recipes allows authenticated users with import permissions to read arbitrary files on the server. This...

CVE-2026-26217

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

CVE-2026-26217

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

CVE-2026-26217 Crawl4AI < 0.8.0 Docker API Local File Inclusion via file URL Handling

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

Crawl4AI 路径遍历漏洞

Crawl4AI is an open-source, LLM-friendly web crawler developed by UncleCode’s individual developers. Versions of Crawl4AI prior to 0.8.0 contained a path traversal vulnerability. This vulnerability stemmed from multiple endpoints in the Docker API that accepted file:// URLs, allowing...

PT-2026-7663

Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...

SUSE CVE-2026-23851

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

CVE-2026-24135

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulatin...