CWE-73 (External Control of File Name or Path) describes a weakness type used in vulnerability databases and security assessments; its definition, background, and the corresponding CVEs are given in the sections below.

The product allows user input to control or influence paths or file names that are used in filesystem operations.

| Type | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
| operating_system | — | Unix | Often | — |
| operating_system | — | Windows | Often | — |
| operating_system | — | macOS | Often | — |
The following CVEs are mapped to this weakness in this database and are retained for traceability and lookup.

| CVE | Published | Summary |
|---|---|---|
| CVE-2026-58293 | 2026-07-03 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| CVE-2026-8921 | 2026-07-02 | External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Up… |
| CVE-2026-5821 | 2026-07-02 | The Image Optimizer plugin for WordPress is vulnerable to arbitrary file deletion in versions up to and including 1.7.4. This is due to insufficient path validation in the Image_Backup::remove() funct… |
| CVE-2026-55628 | 2026-07-01 | In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has bee… |
| CVE-2026-12480 | 2026-07-01 | Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the `H5IOStore._verify_dataset()` and `… |
| CVE-2026-6070 | 2026-07-01 | The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in versions up to and including 4.0.1. This is due to insufficient path validation in the remove(… |
| CVE-2026-3602 | 2026-06-30 | IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could… |
| CVE-2026-10816 | 2026-06-30 | Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled |
| CVE-2026-13748 | 2026-06-29 | Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit th… |
| CVE-2026-8095 | 2026-06-27 | The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_di… |
| CVE-2026-47214 | 2026-06-26 | Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This … |
| CVE-2025-71338 | 2026-06-25 | Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can ex… |
| CVE-2025-71334 | 2026-06-25 | Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due to missing validation that the chatflowId and chatId parameters are UUIDs or numbers in f… |
| CVE-2025-71333 | 2026-06-25 | Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the … |
| CVE-2025-71324 | 2026-06-25 | Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not… |
| CVE-2026-55700 | 2026-06-25 | pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the select… |
| CVE-2026-55699 | 2026-06-25 | pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as "", ".", and ".." passed pnpm's bin-name guard. When a malicious package was installed globally, later global r… |
| CVE-2026-55477 | 2026-06-25 | 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by m… |
| CVE-2026-48720 | 2026-06-24 | Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize … |
| CVE-2026-48520 | 2026-06-23 | Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" (or "Public Flows" in code) contains a potential arbitrary file-read vulnerab… |

| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2008-07-01 | Eric Dalci | 1.0 | — | updated Time_of_Introduction |
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships, Other_Notes, Taxonomy_Mappings, Weakness_Ordinalities |
| 2009-01-12 | CWE Content Team | 1.2 | — | updated Applicable_Platforms, Causal_Nature, Common_Consequences, Demonstrative_Examples, Description, Observed_Examples, Other_Notes, Potential_Mitigations, References, Relationship_Notes, Relationships, Weakness_Ordinalities |
| 2009-03-10 | CWE Content Team | 1.3 | — | updated Potential_Mitigations, Relationships |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Demonstrative_Examples |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Common_Consequences, Description |
| 2009-12-28 | CWE Content Team | 1.7 | — | updated Detection_Factors |
| 2010-02-16 | CWE Content Team | 1.8 | — | updated Potential_Mitigations |
| 2011-06-01 | CWE Content Team | 1.13 | — | updated Common_Consequences, Relationships, Taxonomy_Mappings |
| 2011-09-13 | CWE Content Team | 2.1 | — | updated Relationships, Taxonomy_Mappings |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated Demonstrative_Examples, References, Related_Attack_Patterns, Relationships, Taxonomy_Mappings |
| 2012-10-30 | CWE Content Team | 2.3 | — | updated Potential_Mitigations |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Relationships, Taxonomy_Mappings |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms, Likelihood_of_Exploit, Modes_of_Introduction, Relationships, Taxonomy_Mappings |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Potential_Mitigations, References, Relationships, Time_of_Introduction, Type |
| 2020-06-25 | CWE Content Team | 4.1 | — | updated Potential_Mitigations, Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Maintenance_Notes, Potential_Mitigations |
| 2021-10-28 | CWE Content Team | 4.6 | — | updated Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description, Detection_Factors, Potential_Mitigations |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Potential_Mitigations, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2023-10-26 | CWE Content Team | 4.13 | — | updated Observed_Examples |
| 2025-09-09 | CWE Content Team | 4.18 | — | updated References |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Relationships |