13 matches found

Anthropic · added 2026/03/29 8:45 p.m.

ANT-2026-9VJ9JJXQ · junrar · Path Traversal

Tags: path-traversal, medium · GHSA-j273-m5qq-6825 · Severity: Claude high, Security research firm -, Maintainer medium · Discovered by Claude Mythos Preview. Report (sent to the maintainer and sealed at approval): ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...

AI score 6 · Exploits 0
Snyk · added 2026/03/04 9:20 p.m.

Server-side Request Forgery (SSRF)

Overview: @opennextjs/cloudflare is a Cloudflare builder for Next.js apps. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the cdn-cgi/image/ handler due to improper path normalization. An attacker can cause the server to fetch arbitrary remote URLs and...

CVSS 9.3 · AI score 5.9 · EPSS 0.00012 · Exploits 0 · References 2
Cvelist · added 2026/02/26 10:20 p.m.

CVE-2026-28208 Junrar has arbitrary file write due to backslash path traversal bypass in LocalFolderExtractor on Linux/Unix

Junrar is an open source Java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix...

CVSS 5.9 · EPSS 0.00211 · Exploits 1 · References 3
RedhatCVE · added 2025/11/05 11:10 p.m.

CVE-2025-64107

Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipulation via forward slashes (./.cursor/./././././mcp.json etc.) and requires human approval to complete the operation. However, the same kin...

CVSS 8.8 · AI score 7.1 · EPSS 0.00067 · Exploits 0 · References 1
NVD · added 2025/11/04 11:15 p.m.

CVE-2025-64107

Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipulation via forward slashes (./.cursor/./././././mcp.json etc.) and requires human approval to complete the operation. However, the same kin...

CVSS 8.8 · EPSS 0.00067 · Exploits 0 · References 1
NVD · added 2025/10/20 8:15 p.m.

CVE-2025-62522

Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended...

CVSS 6 · EPSS 0.00874 · Exploits 0 · References 2
RedHat Linux · added 2022/07/19 9:07 p.m.

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...

CVSS 8.6 · AI score 7.4 · EPSS 0.00098 · Exploits 0 · References 6
RedHat Linux · added 2022/06/21 12:40 p.m.

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...

CVSS 8.6 · AI score 7.4 · EPSS 0.00098 · Exploits 0 · References 6
OSV · added 2022/05/06 3:15 p.m.

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

CVSS 9.8 · AI score 5.8 · Exploits 0 · References 4
ATTACKERKB · added 2022/03/17 11:15 a.m.

CVE-2022-21221

The package github.com/valyala/fasthttp before 1.34.0 is vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to exploit this by using a backslash (%5c) character in the path. Note: This security issue impacts Windows users only...

CVSS 7.5 · AI score 7.1 · EPSS 0.00568 · Exploits 1 · References 6
Snyk · added 2022/02/21 2:46 p.m.

Directory Traversal

Overview: github.com/valyala/fasthttp is a fast HTTP server and client API. Affected versions of this package are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to exploit this by using a backslash (%5c) character in the path. Note: This...

CVSS 7.5 · AI score 7.1 · EPSS 0.00568 · Exploits 1 · References 2
Microsoft KB · added 2019/04/12 12:00 a.m.

February 21, 2019—KB4491101 (OS Build 10240.18135)

February 21, 2019—KB4491101 (OS Build 10240.18135). Improvements and fixes: This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent Internet Explorer from loading images that have a...

AI score 7.1 · Exploits 0
OSV · added 2014/11/18 11:59 p.m.

DEBIAN-CVE-2014-7829

Directory traversal vulnerability in actionpack/lib/actiondispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence o...

CVSS 5 · AI score 7 · EPSS 0.00265 · Exploits 1 · References 1
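The junrar, node-tar and fasthttp entries in this listing share one root cause: a path check that only understands "/" as a separator, while a later conversion step, the consuming OS, or a percent-decoding step also treats "\" (or %5c) as one. The Python below is an added illustration written for this listing, not code from any of those projects; it puts the bypassable check pattern next to a containment routine that treats both separators alike and decodes URL paths exactly once before checking. The root directories and entry names are constructed sample values.

```python
"""Added illustration for the backslash path-traversal entries in this listing.
Not code from junrar, node-tar, fasthttp, Vite or Rails; the paths used below
are constructed sample values."""
import os
import posixpath
from typing import Optional
from urllib.parse import unquote


def naive_is_safe(entry: str) -> bool:
    """The check pattern the advisories describe being bypassed: it splits only
    on '/', so on Linux '..\\..\\etc\\passwd' is a single ordinary-looking name
    and passes, even though a later backslash-to-slash conversion (or a Windows
    consumer) turns it into '../../etc/passwd'."""
    return not entry.startswith("/") and ".." not in entry.split("/")


def contain(root: str, raw: str) -> Optional[str]:
    """Resolve an untrusted relative path under root.

    Returns the absolute target path, or None if the input is absolute,
    drive-qualified, empty, or would leave root after normalisation. Both '\\'
    and '/' are treated as separators on every platform; that is the
    conservative choice for an extractor or static file server, at the cost of
    refusing Unix file names that legitimately contain a backslash.
    """
    p = raw.replace("\\", "/")
    if p.startswith("/"):
        return None                      # absolute path
    if len(p) > 1 and p[0].isalpha() and p[1] == ":":
        return None                      # Windows drive letter, e.g. C:/...
    norm = posixpath.normpath(p)         # collapses '.', '..' and '//'
    if norm in (".", "..") or norm.startswith("../"):
        return None                      # escapes root, or names root itself
    root_abs = os.path.abspath(root)
    target = os.path.abspath(os.path.join(root_abs, norm))
    # Final containment test on the resolved path; it does not depend on the
    # string checks above having caught everything.
    if os.path.commonpath([root_abs, target]) != root_abs:
        return None
    return target


def archive_target(dest_dir: str, entry_name: str) -> Optional[str]:
    """Where an archive entry may be written, or None to skip the entry."""
    return contain(dest_dir, entry_name)


def static_file_target(web_root: str, url_path: str) -> Optional[str]:
    """Where a request path may be served from, or None to answer 404.

    Percent-decoding happens exactly once and before any separator handling,
    so '%5c' (backslash) and '%2e%2e' ('..') are visible to the checks.
    Decoding after the check, or decoding more than once, reopens the hole.
    """
    decoded = unquote(url_path)
    return contain(web_root, decoded.lstrip("/"))


if __name__ == "__main__":
    # constructed sample archive entry names
    samples = [
        "docs/../readme.txt",
        "sub\\file.txt",
        "../../etc/passwd",
        "..\\..\\etc\\passwd",
        "foo/../../x",
        "/etc/passwd",
        "C:\\Windows\\win.ini",
    ]
    for s in samples:
        print(f"{s!r:26} naive_ok={naive_is_safe(s)!s:5} "
              f"target={archive_target('/srv/extract', s)}")
    # constructed sample request paths
    for u in ["/css%2fsite.css", "/..%5c..%5cetc%5cpasswd", "/"]:
        print(f"{u!r:26} -> {static_file_target('/var/www', u)}")
```

Note that naive_is_safe accepts the backslash variant that contain rejects; that gap is exactly what the archive and ServeFile entries above describe. The routine rejects escaping paths outright rather than clamping them back under root, so an extractor or file server can log and skip the entry instead of silently writing or serving something else.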