Tag

#path traversal

7 stories taggedpath traversal.

Photoreal news-editorial image, 16:9, full frame edge to edge
Vulnerabilities

Progress ShareFile zero-day forced emergency server shutdowns; patch is out

A path traversal flaw in Storage Zone Controllers let admin users read and write files they shouldn't. Progress says no customer breach has been found.

3 min read
Vulnerabilities

Three FortiSandbox Bugs Under Active Exploitation, Including a 9.1 Path Traversal

Threat intel firm flags in-the-wild abuse of CVE-2026-39813, CVE-2026-39808 and CVE-2026-25089 within a 24-hour window.

2 min read
AI Security

Langflow's Unauthenticated File-Write Flaw Is Being Exploited — Patch Dropped 73 Days Ago

CVE-2026-5027 lets attackers write files to arbitrary paths on exposed servers, and because Langflow ships with login disabled by default, exploitation requires exactly zero credentials.

3 min read
Vulnerabilities

Langflow Path Traversal Flaw CVE-2026-5027 Hits CISA's Exploited List

An unauthenticated write-anywhere bug in the open-source AI builder is being abused in the wild, per VulnCheck telemetry, raising fresh questions for federal users bound by BOD 22-01 patch deadlines.

2 min read
Vulnerabilities

Langflow Path Traversal Under Active Exploitation, No Patch Available

CVE-2026-5027 lets unauthenticated attackers write arbitrary files on Langflow servers. In-the-wild exploitation is being tracked now.

2 min read
Threat Intelligence

Gamaredon and UAC-0226 Are Still Riding the WinRAR Path-Traversal Bug Into Ukrainian Networks

Nearly a year after a patch shipped, CVE-2025-8088 keeps paying dividends for two Russia-aligned crews running stealer campaigns against Ukraine.

2 min read
Vulnerabilities

One Bad Character in a Host Header Breaks Auth for Thousands of FastAPI Apps

A parsing gap in Starlette lets unauthenticated requests reach protected routes — and the blast radius runs deep into the AI inference stack.

3 min read
© 2026 Threat Vectr