CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Path traversal vulnerabilities

directory traversal100 advisories82 exploitedlatest 2026-07-10

Path traversal lets an attacker read or write files outside the intended directory by smuggling ../ sequences into file paths. In appliances and web applications it often exposes configuration files and credentials — and when writes are possible, it escalates to code execution via planted files.

Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged path traversal, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.

Latest path traversal advisories

Other vulnerability classes

Remote code execution (996)Privilege escalation (466)Authentication bypass (368)Denial of service (608)Information disclosure (414)Memory corruption (263)Code injection (92)Cross-site scripting (112)Unsafe deserialization (49)SQL injection (51)Server-side request forgery (38)