WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
heise online

Secure Coding: Best practices for using Java NIO against path traversal

The article Secure Coding: Preventing unauthorized access through path traversal (CWE-22) has already described the dangers posed by the critical vulnerability CWE-22 (path traversal) in software ...
heise online

Secure coding: Prevent unauthorized access through path traversal (CWE-22)

Common Weakness Enumeration CWE-22, commonly referred to as "path traversal", is a vulnerability in which an application does not appropriately restrict the paths that users can access via ...
CSOonline

Directory traversal explained: Definition, examples and prevention

In September, researchers discovered a “critical severity” directory traversal vulnerability in Atlassian’s Jira Service Desk Server and Jira Service Desk Data Center that could allow attackers to ...
CSOonline

CISA, FBI urge developers to patch path traversal bugs before shipping

US Cybersecurity Infrastructure and Security Agency (CISA) and the FBI have issued a joint advisory to developers, urging them to check for path traversal vulnerabilities before shipping a software.
Dark Reading

Don't Underestimate Directory Traversal Attacks

About as simple to fix as they are to exploit, directory traversal vulnerabilities stand as a persistent threat in the application environment. Yet it is one that many developers and even security ...