Weaknesses of type CWE-266

960 results
CVE-2025-15087 | MEDIUM | youlaitech youlai-mall OrderController.java submitOrderPayment improper authorization | EPSS 0.2%
CVE-2025-50691 | MEDIUM | MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored | EPSS 0.2%
CVE-2026-10285 | MEDIUM | DevaslanPHP project-management Ticket KanbanScrumHelper.php recordUpdated improper authorization | EPSS 0.2%
CVE-2026-10284 | MEDIUM | DevaslanPHP project-management Livewire ViewTicket.php doDeleteComment improper authorization | EPSS 0.2%
CVE-2026-11533 | MEDIUM | imvks786 student_management_system Student Deletion Endpoint see.php improper authorization | EPSS 0.2%
CVE-2026-10218 | MEDIUM | nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization | EPSS 0.2%
CVE-2026-5141 | HIGH | Improper Access Control in TUBITAK BILGEM's Pardus Software Center | EPSS 0.2%
CVE-2026-10282 | MEDIUM | Bottelet DaybydayCRM DocumentsController.php view improper authorization | EPSS 0.2%
CVE-2026-3268 | MEDIUM | psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control | EPSS 0.2%
CVE-2026-7631 | MEDIUM | code-projects Online Hospital Management System Registration improper authorization | EPSS 0.2%
CVE-2026-32530 | HIGH | WordPress Creator LMS plugin <= 1.1.18 - Privilege Escalation vulnerability | EPSS 0.2%
CVE-2025-15118 | MEDIUM | macrozheng mall Member Endpoint update improper authorization | EPSS 0.2%
CVE-2026-8743 | MEDIUM | Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization | EPSS 0.2%
CVE-2026-4013 | MEDIUM | SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization | EPSS 0.2%
CVE-2026-40869 | HIGH | Decidim amendments can be accepted or rejected by anyone | EPSS 0.2%
CVE-2022-20681 | HIGH | Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability | EPSS 0.2%
CVE-2026-10294 | MEDIUM | PackageKit API pk-transaction.c g_file_test improper authorization | EPSS 0.2%
CVE-2026-9604 | MEDIUM | JeecgBoot AiragModelController access control | EPSS 0.2%
CVE-2026-44997 | LOW | OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions | EPSS 0.2%
CVE-2025-14052 | MEDIUM | youlaitech youlai-mall members getMemberById access control | EPSS 0.2%