31 matches found
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
CVE-2026-7774
The CVE-2026-7774 entry concerns tarfile.data_filter in Python's tarfile handling. Crafted link entries, including symlinks with empty or directory-like names, can bypass checks to cause tarfile.extractall() to write files outside the intended extraction directory, limited by the extractor's perm...
CVE-2026-41863
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0...
CLSA-2026-1777544697 squashfs-tools: Fix of CVE-2021-40153
CVE-2021-40153: fix write outside destination directory in unsquashfs...
GHSA-XVWW-XHX6-22PF SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory
Summary A path traversal vulnerability in /api/chats/import allows an authenticated attacker to write attacker-controlled files outside the intended chats directory by injecting traversal sequences into charactername. Details charactername is used unsafely as part of the destination filename and...
CVE-2026-33529 Zoraxy: Authenticated Path Traversal in Config Import leads to RCE
Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a...
OpenClaw path traversal vulnerability
OpenClaw is an open-source AI assistant released by OpenClaw. OpenClaw suffers from a path traversal vulnerability that stems from not validating the path of an entry when extracting a TAR archive, which can be exploited by an attacker to write a file outside the expected directory vi...
OpenClaw path traversal vulnerability
OpenClaw is an agent tool for managing session logs. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability using traversal sequences such as ../../etc/passwd to read and write arbitrary files outside of the agent's session directory...
CVE-2026-24053
Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...
PT-2026-6187
Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.0.74 Description Claude Code is an agentic coding tool affected by a Bash command validation flaw when parsing ZSH clobber syntax. This flaw allowed bypassing directory restrictions and writing files outside the...
CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-13661
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required...
CVE-2025-13661
CVE-2025-13661 is a path-traversal vulnerability in Ivanti Endpoint Manager (prior to 2024 SU4 SR1). An authenticated remote attacker can write arbitrary files outside the intended directory, with user interaction required. Multiple sources (NVD/Red Hat EUVD, Nessus plugin, and related advisories...
PT-2025-50087
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A path traversal issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can write arbitrary files to locations outside the intended directory. User interactio...
CVE-2025-59372
A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on...
CVE-2025-59372
Summary: CVE-2025-59372 is a path-traversal vulnerability in ASUS Router Firmware. An authenticated, remote attacker could write files outside the intended directory, potentially compromising device integrity. Documents consistently describe this flaw as affecting ASUS Router devices and referenc...
UBUNTU-CVE-2025-48387
tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside the specified dir with a specific tarball. This has been patched in versions 3.0.9, 2.1.3, and 1.16.5. As a workaround, use the ignore option to ignore n...