Weaknesses of type CWE-863
2,110 resultsCVE-2025-11971MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-1768MEDIUMA permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issEPSS 0.2%CVE-2026-49824HIGHFission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhookEPSS 0.2%CVE-2023-27951MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An arcEPSS 0.2%CVE-2026-41189HIGHFreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threadsEPSS 0.2%CVE-2026-3210MEDIUMMaterial Icons - Moderately critical - Access bypass - SA-CONTRIB-2026-011EPSS 0.2%CVE-2025-24500HIGHThe vulnerability allows an unauthenticated attacker to access information in PAM database.EPSS 0.2%CVE-2026-41908LOWOpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media RouteEPSS 0.2%CVE-2024-2321MEDIUMIncorrect Authorization in Multiple WSO2 Products Allows API Access via Refresh TokenEPSS 0.2%CVE-2026-41381LOWOpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel AllowlistEPSS 0.2%CVE-2026-25566HIGHWeKan < 8.19 Cross-board Card Move Without Destination AuthorizationEPSS 0.2%CVE-2023-6542HIGHImproper Export of Android Application Components in SAP EMARSYS SDK ANDROIDEPSS 0.2%CVE-2026-44557MEDIUMOpen WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-CollectionEPSS 0.2%CVE-2026-45148MEDIUMSiYuan: Broken access control in SiYuan publish-mode Readers can enumerate metadataEPSS 0.2%CVE-2024-39871MEDIUMA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separatEPSS 0.2%CVE-2023-23538MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to moEPSS 0.2%CVE-2024-4465MEDIUMIncorrect authorization for Reports configuration in Guardian/CMC before 24.2.0EPSS 0.2%CVE-2024-3745HIGHMSI Afterburner v4.6.6.16381 Beta 3 - ACL BypassEPSS 0.2%CVE-2025-1540LOWIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-54398MEDIUMMISP object edit authorization bypass allows unauthorized sharing group assignmentEPSS 0.2%