Threats Tagged 'cve-2026-25964'
View all threats tagged with 'cve-2026-25964'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-25964'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-25964: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in TandoorRecipes recipesCVE-2026-25964 0 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traversal vulnerability in the RecipeImport workflow of Tandoor Recipes allows authenticated users with import permissions to read arbitrary files on the server. This vulnerability stems from a lack of input validation in the file_path parameter and insufficient checks in the Local storage backend, enabling an attacker to bypass storage directory restrictions and access sensitive system files (e.g., /etc/passwd) or application configuration files (e.g., settings.py), potentially leading to full system compromise. This vulnerability is fixed in 2.5.1. Join the discussion | CVE Database V5 | 02/13/2026, 18:27:08 UTC Added: 02/13/2026, 18:49:32 UTC |
Showing 1 to 1 of 1 result