Lucene search
K

469 matches found

EUVD
EUVD
added yesterday10 views

EUVD-2026-43261

A vulnerability was identified in makafeli n8n-workflow-builder up to 0.11.0. Affected is an unknown function of the file build/server.cjs of the component updatenodefromfile. The manipulation of the argument filePath leads to path traversal. An attack has to be approached locally. The exploit is...

5.3CVSS5.7AI score0.00137EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-59149 Mockoon: Path traversal in templated `filePath` lets a request escape the served directory (prefix-only base check)

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, a FILE response whose filePath embeds request data is confined by getSafeFilePath in packages/commons-server/src/libs/server/server.ts with resolvedPath.startsWithstaticBaseDir. That prefix test has no path-separator boundary, so a...

6.5CVSS0.0033EPSS
Exploits0References5
CVE
CVE
added 5 days ago9 views

CVE-2026-59149

Mockoon before version 9.7.0 is affected by a path-traversal in the templated filePath. The vulnerability arises because getSafeFilePath checks resolvedPath.startsWith(staticBaseDir) without a path-separator boundary, allowing an unauthenticated client to craft a ../-escaped path that prefixes th...

6.5CVSS5.9AI score0.0033EPSS
Exploits0References5
OSV
OSV
added 2026/06/18 5:25 p.m.7 views

GHSA-2JQ4-Q6VV-4CP3 Crawl4AI: Arbitrary file write (path traversal) in crawler downloads can lead to RCE

Summary When the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path e.g. /etc/cron.d/evil or ../ traversal escaped the downloads directory, giving an...

9.6CVSS6.5AI score0.00502EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/10 5:31 p.m.9 views

CVE-2026-50568 Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS5.4AI score0.00114EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48513

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS5.4AI score0.00114EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.10 views

CVE-2026-9473

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.10 views

CVE-2026-6591

A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folderpaths.getannotatedfilepath of the file folderpaths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote exploitation of the attack is possible. The exploit has been...

5.3CVSS5AI score0.00366EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Excel MCP Server 路径遍历漏洞

Excel MCP Server is an Excel and CSV file reading/writing/analysis tool developed by ishayoyo as a personal project. Versions of Excel MCP Server 1.0.2 and earlier contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the filePath/outputPath parameters in...

6.5CVSS6.4AI score0.00288EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.54 views

algernon 路径遍历漏洞

Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.6 contained a path traversal vulnerability. This vulnerability stemmed from the uploadedFileSaveIn function in lua/upload/upload.go, which used filepath.Join to concatenate the directory provided by the...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/25 4:15 p.m.10 views

CVE-2026-9473

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...

6.5CVSS5.5AI score0.00337EPSS
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Golang-1.19

There is a path traversal vulnerability in the filepath.Clean function on Windows. On Windows, the filepath.Clean function could transform an invalid path such as “a/../c:/b” into the valid path “c:\b”. This transformation of a relative if invalid path into an absolute path could enable a directo...

7.5CVSS7.1AI score0.01678EPSS
Exploits0References1
Veracode
Veracode
added 2026/05/15 6:49 p.m.14 views

Path Traversal

github.com/dgraph-io/dgraph is vulnerable to Path Traversal. The vulnerability is due to improper validation of the dagRunId request field passed into filepath.Join, which allows an attacker to exploit directory traversal using values such as .. and trigger unintended deletion of system temporary...

9.1CVSS5.8AI score0.00338EPSS
Exploits1References3Affected Software3
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.22 views

PT-2026-38621

Name of the Vulnerable Software and Affected Versions Note Mark versions 0.13.0 through 0.19.3 Description Authenticated users can upload assets to notes via the "/api/notes/noteID/assets" endpoint. The application stores the asset filename provided in the X-Name HTTP request header directly in t...

8.6CVSS6AI score0.00495EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.8 views

CVE-2026-7738

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

6.5CVSS6.3AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 7:16 a.m.8 views

CVE-2026-7738

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

6.5CVSS0.00288EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

Word Tools MCP Server 路径遍历漏洞

Word Tools MCP Server is an AI-driven word document manipulation tool developed by Jeremy Pu. Version 1.0.18 of Word Tools MCP Server contains a path traversal vulnerability. This vulnerability stems from the createdocument/opendocument function in the MCP Interface component, where the filePath...

6.5CVSS6.6AI score0.00288EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/21 8:50 p.m.3 views

CVE-2026-40923 Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal pat...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/21 8:50 p.m.35 views

CVE-2026-40923 Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal pat...

5.4CVSS0.0022EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/21 8:26 p.m.12 views

Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check

Summary A validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder