Weaknesses of type CWE-1220
85 resultsCVE-2026-40690MEDIUMApache Airflow: Assets graph view bypasses DAG level access control displaying unrelated topologies and all DAGs names to unauthorized usersEPSS 0.4%CVE-2026-38743MEDIUMApache Airflow: Dags endpoint might provide access to otherwise inaccessible entitiesEPSS 0.4%CVE-2026-9088LOWKeycloak: keycloak: information disclosure due to user profile permission bypassEPSS 0.3%CVE-2023-32259MEDIUMPotential Insufficient Access Control vulnerability has been identified in OpenText™ SMAX/AMX products.EPSS 0.3%CVE-2024-6696MEDIUMHitachi Vantara Pentaho Business Analytics Server - Insufficient Granularity of Access ControlEPSS 0.3%CVE-2025-27026MEDIUMImproper Access Control Granularity impacting Infinera G42EPSS 0.3%CVE-2026-6388CRITICALArgocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validationEPSS 0.3%CVE-2024-11931MEDIUMInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-20111HIGHCisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service VulnerabilityEPSS 0.3%CVE-2025-1278MEDIUMInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-54461MEDIUMChatLuck contains an insufficient granularity of access control vulnerability in Invitation of Guest Users. If exploited, an uninvited guestEPSS 0.3%CVE-2026-6356CRITICALCVE-2026-6356EPSS 0.3%CVE-2025-2408MEDIUMInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-1110LOWInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-5982LOWInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-20305MEDIUMA vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive informaEPSS 0.3%CVE-2024-12619MEDIUMInsufficient Granularity of Access Control in GitLabEPSS 0.3%CVE-2025-8049LOWInsufficient Access Control vulnerability has been discovered in OpenText Flipper.EPSS 0.3%CVE-2026-0873MEDIUMPrivilege Elevation in Ercom Cryptobox administration consoleEPSS 0.2%CVE-2025-20628MEDIUMInsufficient granularity of access control for Remote Connector Servers in client modeEPSS 0.2%