Not with bash. If your distro is putting ./ into the path then that's absolutely a high severity CVE with your distro's config.