CWE-552— Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.— MITRE CWE catalog
471 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-552page 10 of 10
- CVE-2026-33698CRITICALCVSS 9.8EG 9.82026-04-10
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify existing files or create new files where…
- CVE-2026-34392HIGHCVSS 7.5EG 7.52026-04-08
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, a bug in the static file router can all…
- CVE-2026-34785HIGHCVSS 7.5EG 7.52026-04-02
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes suc…
- CVE-2026-35169HIGHCVSS 8.7EG 8.72026-04-08
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the help_editor module of LORIS did not prope…
- CVE-2026-35440MEDIUMCVSS 5.5EG 5.52026-05-12
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- CVE-2026-35446HIGHCVSS 7.7EG 7.72026-04-08
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From 24.0.0 to before 27.0.3 and 28.0.1, an incorrect order of operations in the…
- CVE-2026-39871HIGHCVSS 7.5EG 7.52026-05-11
A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data.
- CVE-2026-40425MEDIUMCVSS 4.9EG 5.72026-05-29
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password.
- CVE-2026-40484CRITICALCVSS 9.1EG 9.12026-04-18
ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document roo…
- CVE-2026-40564MEDIUMCVSS 6.5EG 6.52026-05-26
Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addr…
- CVE-2026-40624CRITICALCVSS 9.8EG 9.82026-06-19
Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve arbitrary code execution via a specially crafted web request.
- CVE-2026-40631HIGHCVSS 8.7EG 8.72026-05-13
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support…
- CVE-2026-42063MEDIUMCVSS 4.9EG 4.92026-05-13
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are n…
- CVE-2026-45088HIGHCVSS 7.5EG 7.52026-05-27
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the a…
- CVE-2026-45543MEDIUMCVSS 5.3EG 5.32026-06-01
Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to upl…
- CVE-2026-45721CRITICALCVSS 9.0EG 9.02026-05-19
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured ser…
- CVE-2026-5335MEDIUMCVSS 5.3EG 5.32026-05-04
The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.
- CVE-2026-59703HIGHCVSS 7.5EG 7.52026-07-08
repomix contains a local file inclusion vulnerability in the git clone endpoint that allows unauthenticated attackers to read arbitrary local git repositories. The isValidRemoteValue function in src/core/git/gitRemoteParse.ts fails to bloc…
- CVE-2026-6418MEDIUMCVSS 4.6EG 4.92026-05-05
An issue was discovered in the Shared Account Synchronization component of PaperCut MF (version 25.0.4). The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper pa…
- CVE-2026-7817MEDIUMCVSS 6.5EG 6.52026-05-11
Local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied api_key_file and api_url preferences were passed to the LLM provider clients without validation.…
- CVE-2026-8704MEDIUMCVSS 6.5EG 6.52026-05-15
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
Map vulnerabilities like CWE-552 to your infrastructure
EchelonGraph correlates every CVE — across CWE-552 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →