CWE-426 · Untrusted Search Path

646 CVEs classified under CWE-426 (Untrusted Search Path). Browse by severity and year.

Top CVEs for CWE-426
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-44477 | Critical | 9.9 | 2026-05-28 | CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics expor… |
| CVE-2026-45772 | Critical | 9.8 | 2026-05-15 | Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary cod… |
| CVE-2025-26155 | Critical | 9.8 | 2025-11-26 | NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. |
| CVE-2024-53866 | Critical | 9.8 | 2024-12-10 | The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in gl… |
| CVE-2024-38462 | Critical | 9.8 | 2024-06-16 | iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference. |
| CVE-2023-30330 | Critical | 9.8 | 2023-05-12 | SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 are vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/default… |
| CVE-2022-24826 | Critical | 9.8 | 2022-04-20 | On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..e… |
| CVE-2022-26184 | Critical | 9.8 | 2022-03-21 | Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry… |
| CVE-2011-4125 | Critical | 9.8 | 2021-10-27 | An untrusted search path issue was found in Calibre at devices/linux_mount_helper.c, leading to the ability of unprivileged users to execute any program as root. |
| CVE-2020-15801 | Critical | 9.8 | 2020-07-17 | In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name… |
| CVE-2018-19486 | Critical | 9.8 | 2018-11-23 | Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the ru… |
| CVE-2017-12414 | Critical | 9.8 | 2017-08-03 | Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. |
| CVE-2017-2225 | Critical | 9.8 | 2017-07-07 | Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified… |
| CVE-2025-49457 | Critical | 9.6 | 2025-08-12 | Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. |
| CVE-2024-58250 | Critical | 9.3 | 2025-04-22 | The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. |
| CVE-2025-31480 | Critical | 9.1 | 2025-04-04 | aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the… |
| CVE-2026-45721 | Critical | 9.0 | 2026-05-26 | Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index f… |
| CVE-2025-23266 | Critical | 9.0 | 2025-07-17 | NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary c… |
| CVE-2026-53819 | High | 8.8 | 2026-06-11 | OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew execut… |
| CVE-2026-29089 | High | 8.8 | 2026-03-06 | TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses… |