CVEs classified under CWE-706, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-65474 — CVSS 9.8 (critical): An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute…
CVE-2024-35198 — CVSS 9.8 (critical): TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe 's check on allowed_urls…
CVE-2023-31814 — CVSS 9.8 (critical): D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.
CVE-2022-30258 — CVSS 9.8 (critical): An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked…
CVE-2022-30257 — CVSS 9.8 (critical): An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked…
CVE-2020-12279 — CVSS 9.8 (critical): An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of…
CVE-2020-12278 — CVSS 9.8 (critical): An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS…
CVE-2020-10574 — CVSS 9.8 (critical): An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API…
CVE-2019-8908 — CVSS 9.8 (critical): An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox…
CVE-2019-7731 — CVSS 9.8 (critical): MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup…
CVE-2021-37315 — CVSS 9.1 (critical): Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote…
CVE-2021-37144 — CVSS 9.1 (critical): CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect…
CVE-2026-35666 — CVSS 8.8 (high): OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers…
CVE-2026-40912 — CVSS 8.2 (high): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity…
CVE-2024-27295 — CVSS 8.2 (high): Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend…
CVE-2025-30870 — CVSS 8.1 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine…
CVE-2025-30849 — CVSS 8.1 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential…
CVE-2024-53739 — CVSS 8.1 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins…
CVE-2022-27778 — CVSS 8.1 (high): A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with…
CVE-2021-39156 — CVSS 8.1 (high): Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce…
CVE-2021-47261 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function…
CVE-2019-0571 — CVSS 7.8 (high): An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data…
CVE-2024-37150 — CVSS 7.6 (high): An issue in `.npmrc` support in Deno 1.44.0 was discovered where Deno would send `.npmrc` credentials for the scope to the tarball URL when…
CVE-2022-30621 — CVSS 7.6 (high): Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary files on the camera's OS as root user.
CVE-2026-10696 — CVSS 7.5 (high): Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet…
CVE-2025-58362 — CVSS 7.5 (high): Hono is a Web application framework that provides support for any JavaScript runtime. Versions 4.8.0 through 4.9.5 contain a flaw in the…
CVE-2025-48136 — CVSS 7.5 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Estatik Mortgage…
CVE-2024-27292 — CVSS 7.5 (high): Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access…
CVE-2023-34092 — CVSS 7.5 (high): Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options (`server.fs.deny`) can…
CVE-2021-40856 — CVSS 7.5 (high): Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.
CVE-2021-27306 — CVSS 7.5 (high): An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.2.0 allows unauthenticated users access to…
CVE-2020-35894 — CVSS 7.5 (high): An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur.
CVE-2019-1351 — CVSS 7.5 (high): A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering…
CVE-2018-12020 — CVSS 7.5 (high): mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers…
CVE-2023-42451 — CVSS 7.4 (high): Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 3.5.14, 4.0.10, 4.1.8, and 4.2.0-rc2, under…
CVE-2025-30357 — CVSS 7.3 (high): NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is…
CVE-2020-26233 — CVSS 7.3 (high): Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git…
CVE-2026-13372 — CVSS 7.2 (high): Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through…
CVE-2021-31933 — CVSS 7.2 (high): A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file…
CVE-2019-17575 — CVSS 7.2 (high): A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user…
CVE-2019-9616 — CVSS 7.2 (high): An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does…
CVE-2023-27561 — CVSS 7.0 (high): runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit…
CVE-2019-19921 — CVSS 7.0 (high): runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To…
CVE-2022-29448 — CVSS 6.8 (medium): Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
CVE-2022-29445 — CVSS 6.8 (medium): Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at…
CVE-2022-28198 — CVSS 6.6 (medium): NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the…
CVE-2026-45306 — CVSS 6.5 (medium): pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prevents setting…
CVE-2025-24733 — CVSS 6.5 (medium): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Akhtarujjaman…