The Lab · 2026-03-26 19:27:34 · GitHub Issues
A high-severity path traversal vulnerability has been identified in the `minimax_cli` project, exposing the server to unauthorized file access. The flaw resides in the `src/minimax_cli/acp/server.py` file, where file operations lack any path validation. This allows attackers to perform directory traversal attacks, esca...
The Lab · 2026-03-28 10:27:02 · GitHub Issues
A critical path traversal vulnerability in the `aos-workspace` MCP server allows any authenticated client to read arbitrary files from the host's entire filesystem. The flaw, located in the `index.js` file, stems from a failure to validate that a resolved file path remains within the intended workspace root directory (...
The Lab · 2026-03-31 17:27:26 · GitHub Issues
A critical security vulnerability has been identified in the Express.js view rendering system. The `View.prototype.lookup()` function lacks a fundamental path containment check, exposing applications that pass user input to `res.render()` to path traversal attacks. Unlike the protected `res.sendFile()` method, which us...
The Lab · 2026-04-01 02:26:57 · GitHub Issues
A critical security flaw in the XPN software's archive handling allows attackers to write files anywhere on a user's system. The vulnerability, a classic 'zip-slip' attack, resides in the `XOutshine.h` export module. The code directly passes user-supplied filenames from a `.xpn` archive to the extraction function witho...
The Lab · 2026-04-03 13:27:03 · GitHub Issues
A critical path traversal vulnerability exists within the `StaticFilesMiddleware` component, exposing server files to unauthorized access. The flaw stems from an insufficient sanitization routine that uses a simple `str_replace('..', '/', ...)` to block directory traversal attempts. This protection is easily bypassed u...
The Lab · 2026-04-03 21:27:09 · GitHub Issues
A critical path traversal vulnerability in the FinSpark API allows attackers to write arbitrary files anywhere on the server filesystem. The flaw is in the document upload endpoint, where the system blindly trusts the `file.filename` provided by the client. By submitting a filename like `../../etc/cron.d/backdoor`, an ...
The Lab · 2026-04-11 02:22:28 · GitHub Issues
A critical security vulnerability has been identified in the py-bugger tool, exposing systems to potential path traversal attacks. The flaw resides in the `_check_git_status()` function within the CLI utilities, where user-supplied input is passed directly to a subprocess call without any sanitization. This allows an a...
The Lab · 2026-04-14 02:22:22 · GitHub Issues
A medium-severity path traversal vulnerability (CVE-2025-41242, GHSA-r936-gwx5-v52f) has been disclosed in `spring-webmvc`, the core web module of the Spring Framework. Under specific deployment conditions, the flaw may allow an attacker to bypass security restrictions and access files outside the web application's root directory, leading to disclosure of sensitive information. It carries a CVSS v3.1 score of 7.5 and is classified as CWE-22 (Path Traversal).
The conditions for triggering the vulnerability are fairly specific; three key factors must hold at the same time: first, the application must be deployed as a WAR package or use an embedded Servlet container; second, the Servlet container in use does not, as the Jakarta Servlet 6.1 specification requires, reject requests containing suspicious sequences (such as `....
The Lab · 2026-04-16 23:22:55 · GitHub Issues
A critical path traversal vulnerability has been disclosed in the widely-used Mako templating engine for Python, tracked as GHSA-v92g-xgxw-vvmm. The flaw resides in the `TemplateLookup.get_template()` function, which fails to properly sanitize user-supplied template URIs. Specifically, an attacker can exploit an incons...
The Lab · 2026-04-16 23:22:56 · GitHub Issues
A critical path traversal vulnerability has been disclosed in the Mako templating engine, a core component used by major Python web frameworks. The flaw, tracked as GHSA-v92g-xgxw-vvmm, resides in the `TemplateLookup.get_template()` function, allowing attackers to potentially access sensitive files outside the intended...
The Lab · 2026-04-18 05:22:29 · GitHub Issues
A security vulnerability in Vite's core static file server could allow attackers to bypass directory traversal protections. The flaw resides in the `ServeStaticFiles` middleware, where the current defense mechanism using `path.resolve()` with a `'.' +` prefix and a `startsWith()` check is insufficient. This design can ...
The Lab · 2026-04-21 04:22:39 · GitHub Issues
A medium-severity security vulnerability in the popular H3 web framework allows attackers to bypass directory restrictions and read arbitrary files from a server's filesystem. The flaw, tracked as GHSA-wr4h-v87w-p3r7, resides in the `serveStatic()` utility function. Attackers can exploit it by crafting HTTP requests wi...
The Lab · 2026-04-21 04:22:40 · GitHub Issues
A medium-severity vulnerability in the popular H3 web framework's `serveStatic` utility creates a path traversal risk, potentially allowing attackers to access sensitive files on servers using affected versions. The flaw, tracked as GHSA-72gr-qfp7-vwhw, stems from a redundant `decodeURI()` call that enables bypassing b...
The Lab · 2026-04-21 18:22:56 · GitHub Issues
A high-severity security vulnerability in a Python application's `app.py` file allows attackers to overwrite critical system files. The flaw, a classic path traversal (CWE-22), resides in the `upload_file` function at line 220, where user-supplied filenames are used directly without sanitization. By submitting a malici...
The Lab · 2026-04-22 11:27:32 · GitHub Issues
A critical security regression has been identified in the staging environment at commit 36240c75, involving the deleteViaEphemeral function. The vulnerability, catalogued as F1502 under CWE-78 (OS Command Injection), stems from shell string concatenation in the deletion logic. The affected code constructs the command a...
The Lab · 2026-04-22 12:27:30 · GitHub Issues
A critical security flaw has been identified in the Stellar protocol's APY relayer implementation. The `FetchProtocolAPY` function in `internal/stellar/apy_relayer.go` constructs HTTP request URLs by concatenating a base URL with a `protocolID` parameter sourced directly from the on-chain yield registry — without any U...
The Lab · 2026-04-22 15:27:40 · GitHub Issues
Poetry, the widely adopted Python dependency management tool, has released version 2.3.4 to address a critical path traversal vulnerability in its tar extraction functionality. Tracked as CVE-2026-41140, the security flaw allows an attacker to write files to arbitrary locations on a system during package installation, ...
The Lab · 2026-04-22 15:27:41 · GitHub Issues
A critical path traversal vulnerability in Go's internal archive utility tool allows malicious archives to write files to arbitrary filesystem locations. The flaw, tracked as CVE-2026-39817 and now publicly disclosed, affects the `go tool pack` subcommand—a stripped-down archive handler used primarily as an internal co...
The Lab · 2026-04-22 19:27:30 · GitHub Issues
A critical security vulnerability allowing container escape through path traversal remains exploitable on the origin/main branch, according to a newly disclosed GitHub issue. The flaw, designated F1085, exists in the deleteViaEphemeral function within container_files.go and exploits how the rm command handles multiple ...
The Lab · 2026-04-23 23:54:17 · GitHub Issues
A high-severity security review of a recent commit to the open-source repository stock-bot has flagged a critical path traversal flaw in its telemetry dashboard. The vulnerability, identified in `dashboard.py` at lines 7248–7298, resides in the `/api/telemetry/latest/computed` endpoint. The endpoint accepts a client-su...