CVE-2026-40005: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Software Foundation Apache IoTDB
Apache IoTDB versions from 1.0.0 up to but not including 2.0.10 contain a path traversal vulnerability (CWE-22) that allows an attacker to write arbitrary files anywhere the IoTDB process has write…
Read the full articleYou might also wanna read
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
## Vulnerability Summary **Product**: Notepad++ v8.9.6.1 (latest patched version) **Type**: CWE-42 (Path Traversal) / CWE-59 (Improper Link

Exploring 3 types of directory traversal vulnerabilities in C/C++
Learn how directory traversal vulnerabilities work on web servers written on C/C++, as well as how to prevent them, including arbitrary file

WAF - WAF Release - 2025-07-28
This week’s update spotlights several vulnerabilities across Apache Tomcat, MongoDB, and Fortinet FortiWeb. Several flaws related with a mem

WAF - WAF Release - 2026-07-01
This release adds targeted coverage for a path traversal flaw in Fortinet FortiSandbox (CVE-2026-39813) and transitions the Anomaly:Header:U
Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text
In this post we’ll review CVE-2022-42889, the recent Arbitrary Code Execution Vulnerability in Apache Commons Text, including what it is, ho

WAF - WAF Release - 2025-09-29
This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an infor

Comments
Sign in to join the conversation.
No comments yet. Be the first.