282 matches found

Cvelist | added 2026/03/29 12:44 p.m. | 19 views

CVE-2026-32973 OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization

OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard matching across path segments to execute commands or...

CVSS 9.8 | EPSS 0.00082
Exploits 0 | References 2
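The two defects named in that entry (case folding and wildcards that cross "/") are easy to reproduce side by side. The following is an added example in Go, not OpenClaw's code: naiveMatch is a constructed matcher that lowercases both sides and compiles the glob to a regex where ? and * cross segment boundaries; strictMatch requires a canonical absolute POSIX path and uses path.Match, whose wildcards never match "/". The patterns and commands are made up for the demonstration.

```go
package main

import (
	"fmt"
	"path"
	"regexp"
	"strings"
)

// naiveMatch reproduces the overmatching behaviour: pattern and candidate are
// lowercased, "?" becomes "." and "*" becomes ".*", so both wildcards happily
// consume "/" and ".." segments. Constructed for illustration.
func naiveMatch(pattern, cmd string) bool {
	var sb strings.Builder
	sb.WriteString("^")
	for _, r := range strings.ToLower(pattern) {
		switch r {
		case '*':
			sb.WriteString(".*")
		case '?':
			sb.WriteString(".")
		default:
			sb.WriteString(regexp.QuoteMeta(string(r)))
		}
	}
	sb.WriteString("$")
	return regexp.MustCompile(sb.String()).MatchString(strings.ToLower(cmd))
}

// strictMatch accepts only an absolute, already-canonical POSIX path (no "..",
// ".", "//" or trailing "/"), keeps case because the filesystem does, and
// delegates to path.Match, where "*" and "?" stop at "/".
func strictMatch(pattern, cmd string) bool {
	if !strings.HasPrefix(cmd, "/") {
		return false
	}
	if path.Clean(cmd) != cmd {
		return false // reject rather than silently rewrite a non-canonical path
	}
	ok, err := path.Match(pattern, cmd)
	return err == nil && ok
}

func main() {
	cases := [][2]string{
		{"/usr/bin/*", "/usr/bin/ls"},             // both allow
		{"/usr/bin/*", "/usr/bin/../../bin/sh"},   // "*" crossed segments
		{"/usr/bin/ls", "/usr/bin/LS"},            // case folding on a case-sensitive FS
		{"/opt/tool/v?/run", "/opt/tool/v//run"},  // "?" matched "/"
	}
	for _, c := range cases {
		fmt.Printf("%-18s %-24s naive=%-5v strict=%v\n",
			c[0], c[1], naiveMatch(c[0], c[1]), strictMatch(c[0], c[1]))
	}
}
```

Matching the string the user typed is only half of the check: the executable should also be resolved (symlinks, PATH lookup) and the allowlist applied to the resolved path, otherwise the glob is reasoning about a name the kernel never sees.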
Veracode | added 2026/03/28 5:03 a.m. | 3 views

Path Traversal

pf4j is vulnerable to Path Traversal. The vulnerability is due to improper handling of zip entry names, where a lack of proper path normalization and validation can allow directory traversal or Zip Slip attacks...

CVSS 7.5 | AI score 5.9 | EPSS 0.0046
Exploits 1 | References 5 | Affected software 1
OSV | added 2026/03/27 7:50 p.m. | 4 views

CVE-2026-33868 Mastodon has a GET-Based Open Redirect via '/web/%2F<domain>'

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...

CVSS 4.3 | AI score 6 | EPSS 0.01396
Exploits 0 | References 3
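The title gives away the shape of the bug class: an encoded slash in a path segment survives a check done on the raw string, then decodes into a leading "//", which browsers treat as a protocol-relative URL to another host. The following is an added example in Go and not Mastodon's code; it assumes a redirect target derived from one decoded path segment, which is an assumption about the class rather than a description of the project's route handling.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// vulnerableTarget checks the segment before decoding it. "%2Fevil.example"
// neither starts with "//" nor contains "://", so it passes, and the target
// built from the decoded value is "//evil.example". Constructed illustration.
func vulnerableTarget(rawSegment string) (string, bool) {
	if strings.HasPrefix(rawSegment, "//") || strings.Contains(rawSegment, "://") {
		return "", false
	}
	decoded, err := url.PathUnescape(rawSegment)
	if err != nil {
		return "", false
	}
	return "/" + decoded, true
}

// safeTarget decodes first and then validates the result as a same-origin
// relative path: exactly one leading "/", no backslash (some browsers read
// "/\host" as "//host"), and url.Parse must see neither a scheme nor a host.
func safeTarget(rawSegment string) (string, bool) {
	decoded, err := url.PathUnescape(rawSegment)
	if err != nil {
		return "", false
	}
	target := "/" + decoded
	if strings.HasPrefix(target, "//") || strings.ContainsAny(target, `\`) {
		return "", false
	}
	u, err := url.Parse(target)
	if err != nil || u.Scheme != "" || u.Host != "" || u.Opaque != "" {
		return "", false
	}
	return target, true
}

func main() {
	for _, seg := range []string{"web%2Fsettings", "%2Fevil.example", "%5Cevil.example"} {
		vt, vok := vulnerableTarget(seg)
		st, sok := safeTarget(seg)
		fmt.Printf("%-18s vulnerable=%q,%v  safe=%q,%v\n", seg, vt, vok, st, sok)
	}
}
```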
Veracode | added 2026/03/27 7:33 a.m. | 3 views

Interpretation Conflict

github.com/traefik/traefik is vulnerable to Interpretation Conflict. The vulnerability is due to improper path normalization when handling Path, PathPrefix, or PathRegex matchers, which allows an attacker to use URL-encoded characters to bypass middleware and access unintended backend services...

CVSS 6.9 | AI score 7.1 | EPSS 0.00018
Exploits 1 | References 4 | Affected software 1
GithubExploit | added 2026/03/26 8:31 p.m. | 121 views

Exploit for CVE-2025-52913

CVE-2025-52913 - MiCollab Path Normalization Vulnerability...

CVSS 9.8 | AI score 5.8 | EPSS 0.01525
Exploits 1
RedhatCVE | added 2026/03/26 3:11 p.m. | 1 views

CVE-2026-30914

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

CVSS 8.1 | AI score 5.8 | EPSS 0.00026
Exploits 0 | References 1
Github Security Blog | added 2026/03/25 9:30 p.m. | 5 views

pf4j is vulnerable to Path Traversal or Zip Slip attack through improper handling of zip entry names

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

CVSS 7.5 | AI score 5.9 | EPSS 0.0046
Exploits 1 | References 6 | Affected software 1
NVD | added 2026/03/25 7:16 p.m. | 1 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

CVSS 7.5 | EPSS 0.0046
Exploits 1 | References 4
OSV | added 2026/03/25 7:16 p.m. | 1 views

DEBIAN-CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

CVSS 7.5 | AI score 5.4 | EPSS 0.0046
Exploits 1 | References 1
OSV | added 2026/03/25 7:16 p.m. | 0 views

UBUNTU-CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

CVSS 7.5 | AI score 5.8 | EPSS 0.0046
Exploits 1 | References 6
SUSE CVE | added 2026/03/25 12:25 a.m. | 2 views

SUSE CVE-2026-30914

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

CVSS 8.1 | AI score 5.9 | EPSS 0.00026
Exploits 0 | References 3
ATTACKERKB | added 2026/03/25 12:00 a.m. | 1 views

CVE-2025-70952

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

AI score 5.8 | EPSS 0.0046
Exploits 1 | References 5
Positive Technologies | added 2026/03/25 12:00 a.m. | 3 views

PT-2026-28084

pf4j before 20c2f80 has a path traversal vulnerability in the extract function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation...

AI score 5.8 | EPSS 0.0046
Exploits 1 | References 5
CVE | added 2026/03/25 12:00 a.m. | 9 views

CVE-2025-70952

Pf4J prior to version 20c2f80 contains a path traversal (Zip Slip) vulnerability in Unzip.java::extract(), caused by improper zip entry name handling and insufficient path normalization/validation. This allows directory traversal during extraction. The fixed state is addressed in the referenced c...

CVSS 7.5 | AI score 5.8 | EPSS 0.0046
Exploits 1 | References 4 | Affected software 1
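Every pf4j entry above describes the same check that was missing from Unzip.java's extract(): join the entry name onto the destination, normalize, and refuse anything that lands outside. The following is an added example in Go, not pf4j's Java code; it builds a constructed in-memory archive with one benign entry and two traversal entries so it runs offline, and decides which entries may be written without touching the disk. The destination directory /opt/plugins is an assumption.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"path"
	"strings"
)

var errZipSlip = errors.New("zip entry escapes destination")

// safeEntryPath maps a zip entry name onto destDir and refuses anything that
// would resolve outside it. Zip names are "/"-separated, so the POSIX path
// package is used on purpose; backslashes and absolute names are rejected
// outright rather than interpreted.
func safeEntryPath(destDir, entryName string) (string, error) {
	if entryName == "" || strings.HasPrefix(entryName, "/") ||
		strings.ContainsAny(entryName, "\\\x00") {
		return "", errZipSlip
	}
	dest := path.Clean(destDir)
	prefix := dest
	if !strings.HasSuffix(prefix, "/") {
		prefix += "/"
	}
	target := path.Join(dest, entryName) // Join cleans, so ".." is resolved here
	if !strings.HasPrefix(target, prefix) {
		return "", errZipSlip
	}
	return target, nil
}

// vetArchive returns the entry names that may be extracted and those that
// must be refused. Go 1.20+ can flag non-local names itself, but only with
// GODEBUG=zipinsecurepath=0, so the application check is still the one that
// counts; ErrInsecurePath is tolerated here because each name is vetted anyway.
func vetArchive(destDir string, archive []byte) (accepted, rejected []string, err error) {
	r, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) {
		return nil, nil, err
	}
	for _, f := range r.File {
		if _, e := safeEntryPath(destDir, f.Name); e != nil {
			rejected = append(rejected, f.Name)
		} else {
			accepted = append(accepted, f.Name)
		}
	}
	return accepted, rejected, nil
}

// buildZip is a constructed archive: one plugin jar plus two traversal entries.
func buildZip() []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for _, name := range []string{"plugin/lib/demo.jar", "../../etc/cron.d/evil", "/etc/passwd"} {
		f, err := w.Create(name)
		if err != nil {
			panic(err)
		}
		f.Write([]byte("x"))
	}
	w.Close()
	return buf.Bytes()
}

func main() {
	acc, rej, err := vetArchive("/opt/plugins", buildZip())
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("accepted:", acc)
	fmt.Println("rejected:", rej)
}
```

A prefix test on the cleaned target is the whole defence; checking the raw name for ".." is not enough, because "a/../../b" and the absolute form bypass a naive substring test in different ways, while path.Join resolves both to a location the prefix check can see.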
CNVD | added 2026/03/24 12:00 a.m. | 0 views

OpenClaw Authentication Bypass Vulnerability

OpenClaw is an intelligent AI assistant open-sourced by OpenClaw. OpenClaw has an authentication bypass vulnerability that stems from a path normalization mismatch in the gateway authentication; an attacker can use the vulnerability to bypass...

CVSS 6.5 | AI score 5.9 | EPSS 0.00055
Exploits 0 | References 1
OSV | added 2026/03/20 8:51 p.m. | 1 views

GHSA-P224-6X5R-FJPM Ory Oathkeeper has a path traversal authorization bypass

Ory Oathkeeper is vulnerable to an authorization bypass via HTTP path traversal. An attacker can craft a URL containing path traversal sequences e.g. /public/../admin/secrets that resolves to a protected path after normalization, but is matched against a permissive rule because the ra...

CVSS 10 | AI score 5.8 | EPSS 0.00034
Exploits 0 | References 4
Positive Technologies | added 2026/03/20 12:00 a.m. | 2 views

PT-2026-26778

Vulnerable software and affected versions: Ory Oathkeeper (affected versions not specified). Ory Oathkeeper is susceptible to an authorization bypass due to a path traversal issue. An attacker can potentially bypass security checks by crafting URLs with path traversal sequence...

CVSS 10 | AI score 5.7 | EPSS 0.00034
Exploits 0 | References 13
CNNVD | added 2026/03/19 12:00 a.m. | 2 views

OpenClaw security vulnerability

OpenClaw is an intelligent AI assistant open-sourced by OpenClaw. OpenClaw has an authentication bypass vulnerability that stems from a path normalization mismatch in the gateway authentication; an attacker can use the vulnerability to bypass...

CVSS 6.5 | AI score 5.8 | EPSS 0.00055
Exploits 0 | References 2
OSV | added 2026/03/16 8:27 p.m. | 1 views

GO-2026-4699 SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy in github.com/drakkan/sftpgo

SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy in github.com/drakkan/sftpgo...

CVSS 8.1 | AI score 5.8 | EPSS 0.00026
Exploits 0 | References 2
NVD | added 2026/03/13 7:54 p.m. | 0 views

CVE-2026-30914

SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...

CVSS 8.1 | EPSS 0.00026
Exploits 0 | References 1
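The Traefik, Ory Oathkeeper and SFTPGo entries in this list are one bug class: the component that decides (a matcher, an access rule, a permission check) sees a different spelling of the path than the component that acts on it (the upstream, the filesystem). The following is an added example in Go that is none of those projects' code; the rule table and canonical() are constructed to show an HTTP gateway evaluating a prefix rule on the raw path versus on one canonical form, with Oathkeeper's /public/../admin/secrets and an encoded-character request of the kind the Traefik entry describes. The same rule, canonicalize once and authorize on that form, applies to SFTPGo's file paths between the protocol handler and the virtual filesystem.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

// rule is a constructed first-match prefix rule, as a gateway or access proxy
// would evaluate before forwarding a request.
type rule struct {
	prefix string
	allow  bool
}

// rules: protect /admin/, let everything else through.
var rules = []rule{
	{"/admin/", false},
	{"/", true},
}

// decide returns the verdict of the first matching rule; deny if none match.
func decide(p string) bool {
	for _, r := range rules {
		if strings.HasPrefix(p, r.prefix) {
			return r.allow
		}
	}
	return false
}

// authorizeRaw is the discrepancy: rules see the path as sent, while the
// upstream resolves dot-segments and percent-encoding on its own.
func authorizeRaw(rawPath string) bool { return decide(rawPath) }

// canonical produces the one form the rules should reason about: refuse an
// encoded separator, NUL or backslash (the proxy cannot know whether the
// upstream will treat them as separators), percent-decode exactly once,
// require an absolute path, then path.Clean for "..", "." and "//".
func canonical(rawPath string) (string, error) {
	lower := strings.ToLower(rawPath)
	if strings.Contains(lower, "%2f") || strings.Contains(lower, "%5c") || strings.Contains(lower, "%00") {
		return "", errors.New("encoded separator or NUL in path")
	}
	decoded, err := url.PathUnescape(rawPath)
	if err != nil {
		return "", err
	}
	if !strings.HasPrefix(decoded, "/") || strings.ContainsAny(decoded, "\\\x00") {
		return "", errors.New("path not absolute or contains forbidden byte")
	}
	return path.Clean(decoded), nil
}

// authorizeCanonical is the hardened form: normalize, then match; any input
// that cannot be canonicalized is denied rather than guessed at.
func authorizeCanonical(rawPath string) bool {
	p, err := canonical(rawPath)
	if err != nil {
		return false
	}
	return decide(p)
}

func main() {
	for _, p := range []string{
		"/public/index.html",
		"/public/../admin/secrets", // Oathkeeper-style dot-segment traversal
		"/%61dmin/secrets",         // encoded "a": rule misses, upstream decodes
		"/admin%2F..%2Fsecrets",    // encoded separators: refuse, don't guess
	} {
		fmt.Printf("%-26s raw=%-5v canonical=%v\n", p, authorizeRaw(p), authorizeCanonical(p))
	}
}
```

Decoding once and then cleaning is deliberate: decoding twice reintroduces the discrepancy for inputs like %252e, and cleaning before decoding leaves %2e%2e untouched. Whatever form the enforcement point settles on must be the form the backend actually acts on, which is why the example denies rather than rewrites when it cannot be sure.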