The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...
SecurityWeek

Critical Vulnerability Patched in jsPDF

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...
heise online

Page 2: Java libraries that help mitigate CWE-22

Apache Commons IO provides a set of utilities for working with the file system that can be helpful in preventing path traversal vulnerabilities. The FilenameUtils class contains methods for ...
Threat Post

Netgear Management System Vulnerable to RCE, Path Traversal Attacks

Netgear’s Network Management System suffers from two vulnerabilities, an arbitrary file upload and a path traversal, which could let a remote attacker execute code and download files. Netgear’s ...
CSOonline

CISA, FBI urge developers to patch path traversal bugs before shipping

US Cybersecurity Infrastructure and Security Agency (CISA) and the FBI have issued a joint advisory to developers, urging them to check for path traversal vulnerabilities before shipping a software.