path traversal
-
CISA Adds Gogs Path Traversal CVE-2025-8110 to Known Exploited Vulnerabilities Catalog
CISA added CVE-2025-8110, a high severity Gogs path traversal that can enable code execution, to its Known Exploited Vulnerabilities catalog on January 12 2026. About 1,600 exposed instances exist with several hundred compromised.
-
Critical path traversal in @adonisjs/bodyparser allows arbitrary file writes
A critical path traversal in the @adonisjs/bodyparser npm package tracked as CVE-2026-21440 with CVSS 9.2 can permit arbitrary file writes. Patches are available in versions 10.1.2 and 11.0.0-next.6
