CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

128 matches found

NVD•added 2026/04/27 4:16 p.m.•2 views

CVE-2026-41463

ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions to write files outside the intended extraction directory by crafting ZIP archives with directory traversal sequences...

8.8CVSS0.00541EPSS

Exploits0References4

EUVD•added 2026/04/27 3:9 p.m.•0 views

EUVD-2026-25866

8.8CVSS6.4AI score0.00541EPSS

Exploits0References4

CVE•added 2026/04/27 3:9 p.m.•3 views

CVE-2026-41463

Summary: CVE-2026-41463 affects ProjeQtor versions 7.0–12.4.3 and describes a ZipSlip path traversal in the plugin upload functionality. An authenticated attacker with upload permissions can craft ZIP archives with directory traversal sequences to bypass extraction boundaries and write files outs...

8.8CVSS6.4AI score0.00541EPSS

Exploits0References4

Vulnrichment•added 2026/04/27 3:9 p.m.•1 views

CVE-2026-41463 ProjeQtor < 12.4.4 ZipSlip Path Traversal via uploadPlugin.php

8.8CVSS6.4AI score0.00541EPSS

Exploits0References4

ATTACKERKB•added 2026/04/27 3:9 p.m.•2 views

CVE-2026-41463

8.8CVSS6.4AI score0.00541EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/27 12:0 a.m.•1 views

PT-2026-35442

8.8CVSS6.4AI score0.00541EPSS

Exploits0References5

OSV•added 2026/04/22 7:6 p.m.•1 views

GHSA-X2XQ-QHJF-5MVG DDEV has ZipSlip path traversal in tar and zip archive extraction

Summary The DDEV local dev tool has unsanitized extraction in both Untar and Unzip functions in pkg/archive/archive.go. This flaw allows users to download and extract archives from remote sources without path validation. Vulnerable Code pkg/archive/archive.go:235 Untar: go fullPath :=...

6.5CVSS5.9AI score0.00019EPSS

Exploits3References6

Packet Storm•added 2026/04/17 12:0 a.m.•54 views

📄 ddev ZipSlip Path Traversal

A ZipSlip path traversal vulnerability exists in the ddev/ddev project, affecting archive extraction routines. The issue allows a crafted ZIP archive to write files outside the intended extraction directory, potentially leading to arbitrary file overwrite on the host system...

6.5CVSS5.9AI score0.00019EPSS

Exploits3

Packet Storm•added 2026/03/24 12:0 a.m.•114 views

📄 ddev/ddev ZipSlip Path Traversal

A ZipSlip path traversal vulnerability exists in ddev/ddev, a popular open-source local development tool for PHP, Python, and Node.js projects. Both the Untar and Unzip functions in pkg/archive/archive.go use filepath.Joindest, file.Name without any path containment validation, allowing a crafted...

5.9AI score0.00019EPSS

Exploits3

EUVD•added 2026/01/15 6:43 p.m.•2 views

EUVD-2026-2856

Docmost is an open-source collaborative wiki and documentation software. From 0.21.0 to before 0.24.0, Docmost is vulnerable to Arbitrary File Write via Zip Import Feature ZipSlip. In apps/server/src/integrations/import/utils/file.utils.ts, there are no validation on filename. This vulnerability ...

7.1CVSS6.4AI score0.00037EPSS

Exploits1References4

ATTACKERKB•added 2026/01/15 6:43 p.m.•2 views

CVE-2026-22249

9.8CVSS5.5AI score0.00037EPSS

Exploits1References5Affected Software1

OSV•added 2025/12/15 8:15 p.m.•3 views

GO-2025-4237 Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip in github.com/weaviate/weaviate

Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip in github.com/weaviate/weaviate...

7.2CVSS6.8AI score0.00213EPSS

Exploits0References5

OSV•added 2025/12/12 6:30 p.m.•2 views

GHSA-7V39-2HX7-7C43 Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip

An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path e.g., /etc/... or use parent directory traversal ../../.. to escape the restore root when a backup is restored, potentially creating or...

8.7CVSS7AI score0.00213EPSS

Exploits0References6

OSV•added 2025/12/12 11:13 a.m.•3 views

BIT-ARGO-WORKFLOWS-2025-66626 argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's target and the...

8.1CVSS6.9AI score0.00089EPSS

Exploits1References5

Vulnrichment•added 2025/12/09 8:32 p.m.•2 views

CVE-2025-67488 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

7.8CVSS7.3AI score0.00066EPSS

Exploits1References2

CVE•added 2025/12/09 8:32 p.m.•13 views

CVE-2025-67488

SiYuan (self-hosted open source PIM) is affected by a ZipSlip vulnerability in the importZipMd function. The authenticated user with access to the import functionality can overwrite arbitrary files on the system, potentially escalating to remote code execution in some scenarios (e.g., via Docker ...

8.8CVSS7.3AI score0.00066EPSS

Exploits1References2Affected Software1