Fallos del tipo CWE-862
7076 resultadosCVE-2026-40728MEDIUMWordPress Magazine Blocks plugin <= 1.8.3 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2025-68087MEDIUMWordPress Modalier for Elementor plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2025-68086MEDIUMWordPress Reformer for Elementor plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2025-68085MEDIUMWordPress Buttoner for Elementor plugin <= 1.0.6 - Settings Change vulnerabilityEPSS 0.1%CVE-2026-57922LOWIn JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possibleEPSS 0.1%CVE-2025-68088MEDIUMWordPress Huger for Elementor plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2023-20926MEDIUMIn onParentVisible of HeaderPrivacyIconsController.kt, there is a possible way to bypass factory reset protections due to a missing permissiEPSS 0.1%CVE-2026-33887MEDIUMStatamic allows unauthorized content access through missing authorization in its revision controllersEPSS 0.1%CVE-2026-9251MEDIUMMissing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass tEPSS 0.1%CVE-2025-43000HIGHInformation Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW)EPSS 0.1%CVE-2026-4309MEDIUMMissing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change thEPSS 0.1%CVE-2025-49459HIGHZoom Workplace for Windows on ARM - Missing AuthorizationEPSS 0.1%CVE-2025-43497MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break outEPSS 0.1%CVE-2026-3351LOWAuthorization Bypass in LXD GET /1.0/certificates EndpointEPSS 0.1%CVE-2026-40786MEDIUMWordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2025-68603MEDIUMWordPress Editorial Calendar plugin <= 3.8.8 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2026-8381MEDIUMBroken Access Control in TeamViewer DEX Platform (On Premises)EPSS 0.1%CVE-2026-40729MEDIUMWordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2026-33141MEDIUMChamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning DataEPSS 0.1%CVE-2023-39298HIGHQTS, QuTS heroEPSS 0.1%