CWE-266 vulnerabilities

960 results
CVE-2025-11080 | MEDIUM | zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization | EPSS 0.2%
CVE-2026-27541 | HIGH | WordPress Wholesale Suite plugin <= 2.2.6 - Privilege Escalation vulnerability | EPSS 0.2%
CVE-2026-1892 | LOW | WeKan REST API boards.js setBoardOrgs improper authorization | EPSS 0.2%
CVE-2025-55948 | HIGH | This vulnerability fundamentally arises from yzcheng90 X-SpringBoot 6.0's implementation of role-based access control (RBAC) through dual de | EPSS 0.2%
CVE-2026-2206 | MEDIUM | WeKan Administrative Repair fixDuplicateLists.js FixDuplicateBleed access control | EPSS 0.2%
CVE-2026-47169 | HIGH | Quest Bot: Manage Server users can configure AutoRole to grant Administrator to controlled joining accounts | EPSS 0.2%
CVE-2026-49111 | HIGH | WordPress Masteriyo - LMS plugin <= 2.2.0 - Privilege Escalation vulnerability | EPSS 0.2%
CVE-2024-42441 | MEDIUM | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment | EPSS 0.2%
CVE-2024-49348 | MEDIUM | IBM Cloud Pak for Business Automation incorrect privilege assignment | EPSS 0.2%
CVE-2025-3744 | HIGH | Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override | EPSS 0.2%
CVE-2025-15119 | LOW | JeecgBoot list queryPageList improper authorization | EPSS 0.2%
CVE-2025-6525 | MEDIUM | 70mai 1S Configuration Config.cgi improper authorization | EPSS 0.2%
CVE-2025-12304 | MEDIUM | dulaiduwang003 TIME-SEA-PLUS Order Status PayController.java alipayIsSucceed improper authorization | EPSS 0.2%
CVE-2026-1894 | MEDIUM | WeKan REST API checklistItems.js Checklist REST Bleed improper authorization | EPSS 0.2%
CVE-2021-40124 | MEDIUM | Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability | EPSS 0.2%
CVE-2025-12103 | MEDIUM | Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace | EPSS 0.2%
CVE-2025-2557 | MEDIUM | Audi UTR Dashcam Command API access control | EPSS 0.2%
CVE-2025-2397 | MEDIUM | China Mobile P22g-CIac Telnet Service improper authorization | EPSS 0.2%
CVE-2025-40571 | LOW | A vulnerability has been identified in Mendix OIDC SSO (Mendix 10.12 compatible) (All versions < V4.0.1), Mendix OIDC SSO (Mendix 9 compatib | EPSS 0.2%
CVE-2025-15656 | HIGH | WordPress School Management plugin <= 93.2.0 - Privilege Escalation vulnerability | EPSS 0.2%